urlscan.io logo urlscan.io
SecurityTrails logo

www.botasot.info Open in urlscan Pro
2606:4700:3032::ac43:ca88  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.botasot.info/
Submission: On March 10 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 130 IPs in 12 countries across 126 domains to perform 910 HTTP transactions. The main IP is 2606:4700:3032::ac43:ca88, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.botasot.info.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 9th 2020. Valid for: a year.
This is the only time www.botasot.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
68 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 13.79.176.48 8075 (MICROSOFT...)
3 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 13.226.159.106 16509 (AMAZON-02)
2 2600:9000:212... 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 65.9.96.19 16509 (AMAZON-02)
13 2606:4700:303... 13335 (CLOUDFLAR...)
32 151.139.241.23 33438 (HIGHWINDS2)
8 145.239.193.145 16276 (OVH)
8 8 185.86.137.113 201081 (SMARTADSE...)
8 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
9 2a02:2638:1::13 44788 (ASN-CRITE...)
8 145.239.192.166 16276 (OVH)
8 51.89.9.254 16276 (OVH)
1 34 2606:4700:10:... 13335 (CLOUDFLAR...)
2 10 2620:116:800d... 16509 (AMAZON-02)
8 54.72.19.40 16509 (AMAZON-02)
8 13.225.84.15 16509 (AMAZON-02)
2 24 23.218.208.246 16625 (AKAMAI-AS)
8 2600:9000:218... 16509 (AMAZON-02)
63 104.19.136.78 13335 (CLOUDFLAR...)
38 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
5 2a03:2880:f12... 32934 (FACEBOOK)
1 67.202.94.94 32748 (STEADFAST)
9 11 185.33.220.244 29990 (ASN-APPNEX)
30 33 142.250.185.66 15169 (GOOGLE)
20 30 52.49.114.167 16509 (AMAZON-02)
2 2 108.128.254.60 16509 (AMAZON-02)
3 3 52.56.207.211 16509 (AMAZON-02)
1 1 23.210.249.113 16625 (AKAMAI-AS)
8 34.120.133.55 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
12 16 51.89.21.31 16276 (OVH)
1 1 185.183.112.155 60350 (VP)
6 6 18.157.138.23 16509 (AMAZON-02)
19 2a0c:5c81:514... 55081 (24SHELLS)
35 63.34.130.174 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 176.34.121.94 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.19.135.78 13335 (CLOUDFLAR...)
13 69.173.144.165 26667 (RUBICONPR...)
8 16 185.64.189.110 62713 (AS-PUBMATIC)
9 10 185.33.220.145 29990 (ASN-APPNEX)
7 16 185.86.139.89 201081 (SMARTADSE...)
7 18.195.130.212 16509 (AMAZON-02)
1 213.174.135.2 39572 (ADVANCEDH...)
4 2a00:1450:400... 15169 (GOOGLE)
5 5 23.79.143.124 16625 (AKAMAI-AS)
12 104.108.50.124 16625 (AKAMAI-AS)
5 5 185.184.8.30 204995 (RTB-HOUSE...)
7 7 35.212.212.222 15169 (GOOGLE)
22 22 3.121.79.35 16509 (AMAZON-02)
5 7 35.157.249.55 16509 (AMAZON-02)
4 104.19.216.61 13335 (CLOUDFLAR...)
6 6 37.157.2.236 198622 (ADFORM)
4 104.16.199.73 13335 (CLOUDFLAR...)
1 34.96.106.9 15169 (GOOGLE)
4 4 3.127.166.11 16509 (AMAZON-02)
8 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 18.158.174.89 16509 (AMAZON-02)
2 2 87.98.252.5 16276 (OVH)
1 35.227.247.230 15169 (GOOGLE)
1 1 168.119.127.61 24940 (HETZNER-AS)
1 2600:9000:212... 16509 (AMAZON-02)
1 23.218.208.187 16625 (AKAMAI-AS)
1 2a0c:5c81:516... 55081 (24SHELLS)
1 3 62.149.0.72 15497 (COLOCALL ...)
3 3 35.186.253.211 15169 (GOOGLE)
2 2a0c:5c81:510... 55081 (24SHELLS)
1 1 212.224.118.36 44066 (DE-FIRSTC...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
7 23.218.208.200 16625 (AKAMAI-AS)
3 185.64.190.78 62713 (AS-PUBMATIC)
2 4 178.250.2.151 44788 (ASN-CRITE...)
2 213.155.156.180 1299 (TELIANET ...)
1 3 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.190.106 62713 (AS-PUBMATIC)
1 3 159.253.128.188 36351 (SOFTLAYER)
4 4 185.29.135.233 30419 (MEDIAMATH...)
1 17 185.64.190.80 62713 (AS-PUBMATIC)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 161 151.101.13.44 54113 (FASTLY)
3 10 46.249.52.248 50673 (SERVERIUS-AS)
1 1 66.155.71.25 13768 (COGECO-PEER1)
4 4 213.19.147.150 26120 (RHYTHMONE)
2 2 213.19.147.151 3356 (LEVEL3)
2 46.249.52.249 50673 (SERVERIUS-AS)
5 5.178.65.253 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 6 52.4.128.233 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 159.69.64.14 24940 (HETZNER-AS)
1 178.162.133.149 60781 (LEASEWEB-...)
3 5 18.156.0.31 16509 (AMAZON-02)
3 5 35.227.248.159 15169 (GOOGLE)
2 3 37.157.3.29 198622 (ADFORM)
1 217.156.250.128 26558 (FREEWHEEL)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 4 54.78.254.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.108 24961 (MYLOC-AS ...)
2 5 52.210.253.186 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
3 34.98.67.61 15169 (GOOGLE)
2 52.31.77.198 16509 (AMAZON-02)
4 4 151.101.114.49 54113 (FASTLY)
1 1 52.0.135.151 14618 (AMAZON-AES)
1 2 52.95.124.170 16509 (AMAZON-02)
1 3 104.108.41.56 16625 (AKAMAI-AS)
2 185.64.189.114 62713 (AS-PUBMATIC)
3 3 18.185.197.81 16509 (AMAZON-02)
4 15 141.226.228.48 200478 (TABOOLA-AS)
9 199.232.137.44 54113 (FASTLY)
2 69.173.144.138 26667 (RUBICONPR...)
3 5 198.148.27.139 19189 (PULSEPOINT)
2 4 216.52.2.30 30282 (AS-INAPCD...)
2 174.137.133.49 27257 (WEBAIR-IN...)
2 18.195.155.181 16509 (AMAZON-02)
3 3 52.51.160.138 16509 (AMAZON-02)
2 2 139.162.117.143 63949 (LINODE-AP...)
2 192.132.33.46 18568 (BIDTELLECT)
3 141.226.224.32 200478 (TABOOLA-AS)
2 2 35.210.215.44 15169 (GOOGLE)
1 2 52.46.130.13 16509 (AMAZON-02)
2 3 88.221.62.154 16625 (AKAMAI-AS)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 2 54.85.167.1 14618 (AMAZON-AES)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 178.250.0.165 44788 (ASN-CRITE...)
2 2 3.123.210.158 16509 (AMAZON-02)
6 7 54.208.157.219 14618 (AMAZON-AES)
2 3 34.247.104.176 16509 (AMAZON-02)
2 3 35.244.174.68 15169 (GOOGLE)
4 4 52.59.102.119 16509 (AMAZON-02)
1 2600:1f18:444... 14618 (AMAZON-AES)
2 2 54.37.44.146 16276 (OVH)
2 2 18.185.0.221 16509 (AMAZON-02)
1 54.194.13.58 16509 (AMAZON-02)
1 173.231.181.122 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 2001:678:cb4:... ()
2 2 34.240.2.137 ()
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.196.12 ()
1 1 34.98.107.212 ()
1 7 35.244.159.8 15169 (GOOGLE)
1 37.157.6.241 198622 (ADFORM)
2 3.122.214.165 16509 (AMAZON-02)
910 130
68    2606:4700:3032::ac43:ca88 (United States)

ASN13335 (CLOUDFLARENET, US)
www.botasot.info
ads.botasot.info
6    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.79.176.48 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
gjstatic.blob.core.windows.net
3    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2606:4700:3037::ac43:d48b (United States)

ASN13335 (CLOUDFLARENET, US)
pahtag.tech
1    2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
2    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.226.159.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-106.dus51.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
2    2600:9000:2127:8400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
2    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:3030::6815:1b4 (United States)

ASN13335 (CLOUDFLARENET, US)
aghtag.tech
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
13    2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.projectagoraservices.com
2    65.9.96.19 (United States)

ASN16509 (AMAZON-02, US)
certify.alexametrics.com
tags.crwdcntrl.net
13    2606:4700:3035::6815:2f1c (United States)

ASN13335 (CLOUDFLARENET, US)
projectagora.net
32    151.139.241.23 (United States)

ASN33438 (HIGHWINDS2, US)
ads.themoneytizer.com
8    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.themoneytizer.net
8    185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
8    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
9    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
8    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
34    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
10    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
8    54.72.19.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
p.cpx.to
8    13.225.84.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-15.fra2.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
24    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
8    2600:9000:2182:de00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
63    104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
c.mgid.com
38    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    67.202.94.94 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
11    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
33    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
30    52.49.114.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
match.adsrvr.org
2    108.128.254.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
3    52.56.207.211 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    23.210.249.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-113.deploy.static.akamaitechnologies.com
pixel.mathtag.com
8    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
8    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:10::6816:5d (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
cdn.pbstck.com
16    51.89.21.31 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p22.id5-sync.com
id5-sync.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
6    18.157.138.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
19    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtcontent.com
ghb.adtelligent.com
ghb1.adtelligent.com
ads59.adtelligent.com
35    63.34.130.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
s.cpx.to
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
8    176.34.121.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-121-94.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
4    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
13    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
16    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
10    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
16    185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
rtb-csync.smartadserver.com
7    18.195.130.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-130-212.eu-central-1.compute.amazonaws.com
pool.grid-data.bidswitch.net
1    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
ams.creativecdn.com
7    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
rtb-usw.mfadsrvr.com
22    3.121.79.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
7    35.157.249.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
ad.360yield.com
ice.360yield.com
4    104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
6    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
1    34.96.106.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
s.seedtag.com
4    3.127.166.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prod.perf-serving.com
8    2606:4700:e0::ac40:6208 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adxpremium.services
user-sync.adxpremium.services
1    18.158.174.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.sharethrough.com
2    87.98.252.5 (France)

ASN16276 (OVH, FR)
PTR: ip5.ip-87-98-252.eu
green.erne.co
1    35.227.247.230 (Kansas City, United States)

ASN15169 (GOOGLE, US)
mp.4dex.io
1    168.119.127.61 (Germany)

ASN24940 (HETZNER-AS, DE)
bidswitch-eu.splicky.com
1    2600:9000:2127:8600:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
1    23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    2a0c:5c81:5160::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
3    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
sync.adtelligent.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    2a0c:5c81:5101::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
dsp3.adtelligent.com
1    212.224.118.36 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
ad.admitad.com
1    2606:4700:20::ac43:462b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.admitad-connect.com
2    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
7    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.180 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
3    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
3    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
4    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
17    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    2606:4700:3033::ac43:dcda (United States)

ASN13335 (CLOUDFLARENET, US)
dmp.rtbsrv.com
161    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
15.taboola.com
imprammp.taboola.com
10    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
4    213.19.147.150 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    213.19.147.151 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.targeting.unrulymedia.com
2    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
sync.e-planning.net
5    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
6    52.4.128.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
1    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
3    159.69.64.14 (Germany)

ASN24940 (HETZNER-AS, DE)
sync.richaudience.com
1    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
5    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
3    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    217.156.250.128 (United Kingdom)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:cff3:ca6f:14e6:5ad7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loadeu.exelator.com
loadm.exelator.com
1    151.1.205.165 (Erba, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.108 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
5    52.210.253.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
3    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    52.31.77.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.0.135.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.124.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    104.108.41.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-56.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
3    18.185.197.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
15    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
trc-events.taboola.com
9    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
vidstat.taboola.com
c3.taboola.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
e1.emxdgt.com
3    52.51.160.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
2    139.162.117.143 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1601-143.members.linode.com
s.c.appier.net
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    35.210.215.44 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
ads.programattik.com
2    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    88.221.62.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-62-154.deploy.static.akamaitechnologies.com
px.owneriq.net
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    54.85.167.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-167-1.compute-1.amazonaws.com
um2.eqads.com
1    2606:4700:20::ac43:47f1 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
3    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    3.123.210.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
7    54.208.157.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i.liadm.com
3    34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
ml314.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
4    52.59.102.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
1    2600:1f18:444a:4602:fff0:3de7:a67e:fe5f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    54.37.44.146 (France)

ASN16276 (OVH, FR)
p.crm4d.com
2    18.185.0.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-0-221.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    54.194.13.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN- ()
ad.turn.com
2    34.240.2.137 (Dublin, Ireland)

ASN- ()
ads.avct.cloud
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN- ()
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN- ()
ads.playground.xyz
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
adtelligent-d.openx.net
eu-u.openx.net
us-u.openx.net
1    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
188 taboola.com
cdn.taboola.com
trc.taboola.com
sync.taboola.com
match.taboola.com
sync-t1.taboola.com
cds.taboola.com
images.taboola.com
15.taboola.com
vidstat.taboola.com
imprammp.taboola.com
c3.taboola.com
trc-events.taboola.com
3 MB
68 botasot.info
www.botasot.info
ads.botasot.info
709 KB
64 mgid.com
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
c.mgid.com
437 KB
48 pubmatic.com
image2.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
image4.pubmatic.com
100 KB
43 cpx.to
p.cpx.to
s.cpx.to
49 KB
43 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
26 KB
38 youtube.com
www.youtube.com
3 MB
34 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
13 KB
32 rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
67 KB
32 themoneytizer.com
ads.themoneytizer.com
2 MB
30 adsrvr.org
match.adsrvr.org
15 KB
29 bidswitch.net
pool.grid-data.bidswitch.net
x.bidswitch.net
9 KB
24 adtelligent.com
ghb.adtelligent.com
player.adtelligent.com
ghb1.adtelligent.com
s.adtelligent.com
sync.adtelligent.com
ads59.adtelligent.com
dsp3.adtelligent.com
35 KB
24 smartadserver.com
ww1097.smartadserver.com
sync.smartadserver.com
rtb-csync.smartadserver.com
5 KB
22 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
21 KB
17 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
20 KB
16 casalemedia.com
as-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
12 KB
16 id5-sync.com
id5-sync.com Failed
26 KB
16 criteo.com
gum.criteo.com
bidder.criteo.com Failed
dis.criteo.com
5 KB
14 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
241 KB
13 projectagora.net
projectagora.net
1 MB
13 projectagoraservices.com
ads.projectagoraservices.com
56 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
114 KB
11 rlcdn.com
api.rlcdn.com
idsync.rlcdn.com
2 KB
10 openx.net
adtelligent-d.openx.net Failed
rtb.openx.net
eu-u.openx.net
us-u.openx.net
3 KB
10 adform.net
c1.adform.net
dmp.adform.net
cm.adform.net
3 KB
10 mfadsrvr.com
rtb-usw.mfadsrvr.com
rtb.mfadsrvr.com
4 KB
10 quantserve.com
secure.quantserve.com
pixel.quantserve.com
71 KB
9 cloudfront.net
d31qbv1cthcecs.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
209 KB
8 liadm.com
i.liadm.com
i6.liadm.com
4 KB
8 adxpremium.services
rtb.adxpremium.services
user-sync.adxpremium.services
9 KB
8 adleadevent.com
adtrack.adleadevent.com
4 KB
8 quantcount.com
rules.quantcount.com
8 KB
8 indexww.com
js-sec.indexww.com
103 KB
8 onetag-sys.com
onetag-sys.com
6 KB
8 leadplace.fr
tag.leadplace.fr
31 KB
8 sascdn.com
ced-ns.sascdn.com
81 KB
8 themoneytizer.net
g.themoneytizer.net
7 yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
pr-bh.ybp.yahoo.com
6 KB
7 360yield.com
ad.360yield.com
ice.360yield.com Failed
3 KB
6 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
13 KB
6 audrte.com
a.audrte.com
6 KB
6 w55c.net
pm.w55c.net Failed
5 KB
5 contextweb.com
bh.contextweb.com
2 KB
5 tapad.com
pixel.tapad.com
2 KB
5 creativecdn.com
creativecdn.com
ams.creativecdn.com
1 KB
5 mathtag.com
pixel.mathtag.com
sync.mathtag.com
3 KB
5 agkn.com
aa.agkn.com
d.agkn.com
2 KB
5 facebook.com
www.facebook.com
262 KB
5 google.com
www.google.com
41 KB
4 advertising.com
pixel.advertising.com
1 KB
4 lijit.com
ce.lijit.com
2 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 exelator.com
loadeu.exelator.com
loadm.exelator.com
3 KB
4 1rx.io
sync.1rx.io
3 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 perf-serving.com
prod.perf-serving.com
3 KB
4 idealmedia.io
cm.idealmedia.io
778 B
4 lentainform.com
cm.lentainform.com
848 B
4 ytimg.com
i.ytimg.com
176 KB
4 ggpht.com
yt3.ggpht.com
12 KB
3 ml314.com
ml314.com
1 KB
3 owneriq.net
px.owneriq.net
1 KB
3 gumgum.com
rtb.gumgum.com
726 B
3 bluekai.com
tags.bluekai.com
2 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
933 B
3 mookie1.com
odr.mookie1.com
536 B
3 richaudience.com
sync.richaudience.com
1 KB
3 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
924 B
3 simpli.fi
um.simpli.fi
2 KB
3 semasio.net
uipglob.semasio.net
2 KB
3 criteo.net
static.criteo.net
38 KB
2 eyeota.net
ps.eyeota.net
688 B
2 avct.cloud
ads.avct.cloud
894 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 crm4d.com
p.crm4d.com
991 B
2 eqads.com
um2.eqads.com
563 B
2 programattik.com
ads.programattik.com
1 KB
2 bttrack.com
bttrack.com
760 B
2 appier.net
s.c.appier.net
706 B
2 emxdgt.com
e1.emxdgt.com
81 B
2 adkernel.com
dsp.adkernel.com
466 B
2 weborama.fr
idsync.frontend.weborama.fr
842 B
2 adition.com
dsp.adfarm1.adition.com
1 KB
2 tidaltv.com
sync.tidaltv.com
791 B
2 dotomi.com
prebid-match.dotomi.com
pubmatic-match.dotomi.com
208 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 rtbsrv.com
dmp.rtbsrv.com
1 KB
2 de17a.com
d5p.de17a.com
268 B
2 connectad.io
cdn.connectad.io
sync-eu.connectad.io
1 KB
2 erne.co
green.erne.co
619 B
2 adtcontent.com
ghb.adtcontent.com
3 KB
2 pbstck.com
boot.pbstck.com
cdn.pbstck.com
44 KB
2 demdex.net
dpm.demdex.net
2 KB
2 facebook.net
connect.facebook.net
62 KB
2 consensu.org
quantcast.mgr.consensu.org
69 KB
1 playground.xyz
ads.playground.xyz
488 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 adgrx.com
cm.adgrx.com
408 B
1 bidr.io
match.prod.bidr.io
430 B
1 quantumdex.io
sync.quantumdex.io
607 B
1 theadex.com
dmp.theadex.com
378 B
1 bemail.it
bn01.er.bemail.it
659 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 sonobi.com
sync.go.sonobi.com
478 B
1 navdmp.com
tag.navdmp.com
4 KB
1 admitad-connect.com
cdn.admitad-connect.com
21 KB
1 admitad.com
ad.admitad.com
247 B
1 geoedge.be
rumcdn.geoedge.be
1 splicky.com
bidswitch-eu.splicky.com
218 B
1 4dex.io
mp.4dex.io
364 B
1 sharethrough.com
match.sharethrough.com
263 B
1 seedtag.com
s.seedtag.com
507 B
1 adotmob.com
sync.adotmob.com
655 B
1 amung.us
whos.amung.us
147 B
1 jsdelivr.net
cdn.jsdelivr.net
2 KB
1 alexametrics.com
certify.alexametrics.com
552 B
1 google.de
www.google.de
107 B
1 aghtag.tech
aghtag.tech
110 KB
1 waust.at
waust.at
4 KB
1 pahtag.tech
pahtag.tech
3 KB
1 windows.net
gjstatic.blob.core.windows.net
8 KB
0 oftads360.com Failed
p.oftads360.com Failed
910 126
Domain Requested by
75 cdn.taboola.com www.botasot.info
cdn.taboola.com
49 images.taboola.com www.botasot.info
cdn.taboola.com
vidstat.taboola.com
38 www.youtube.com www.botasot.info
www.youtube.com
37 ads.botasot.info www.botasot.info
ads.botasot.info
35 trc.taboola.com 1 redirects spl.zeotap.com
cdn.taboola.com
www.botasot.info
35 s.cpx.to p.cpx.to
www.botasot.info
33 cm.g.doubleclick.net 30 redirects www.botasot.info
eu-u.openx.net
32 ads.themoneytizer.com ads.botasot.info
ads.themoneytizer.com
31 www.botasot.info www.botasot.info
30 match.adsrvr.org 20 redirects js-sec.indexww.com
ssum.casalemedia.com
eu-u.openx.net
27 cm.mgid.com jsc.mgid.com
www.botasot.info
22 x.bidswitch.net 22 redirects
21 mwzeom.zeotap.com 1 redirects www.botasot.info
spl.zeotap.com
ads.pubmatic.com
ads.us.e-planning.net
cdn.taboola.com
17 simage2.pubmatic.com 1 redirects ads.pubmatic.com
www.botasot.info
cdn.taboola.com
image6.pubmatic.com
17 cdn.mgid.com www.botasot.info
jsc.mgid.com
16 image2.pubmatic.com 8 redirects ads.pubmatic.com
image6.pubmatic.com
16 id5-sync.com www.botasot.info
14 sync.smartadserver.com 7 redirects www.botasot.info
13 token.rubiconproject.com www.botasot.info
s.cpx.to
eus.rubiconproject.com
13 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
ads.us.e-planning.net
13 projectagora.net ads.projectagoraservices.com
13 ads.projectagoraservices.com ads.botasot.info
12 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
ads.us.e-planning.net
user-sync.adxpremium.services
11 ib.adnxs.com 9 redirects player.adtelligent.com
10 sync.taboola.com 4 redirects www.botasot.info
10 secure.adnxs.com 9 redirects acdn.adnxs.com
10 s-img.mgid.com jsc.mgid.com
www.botasot.info
9 gum.criteo.com ads.themoneytizer.com
static.criteo.net
8 ads59.adtelligent.com www.botasot.info
ads59.adtelligent.com
8 ghb.adtelligent.com www.botasot.info
player.adtelligent.com
8 adtrack.adleadevent.com ajax.googleapis.com
8 as-sec.casalemedia.com js-sec.indexww.com
8 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
8 api.rlcdn.com js-sec.indexww.com
8 rules.quantcount.com secure.quantserve.com
8 js-sec.indexww.com ads.themoneytizer.com
8 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
8 p.cpx.to ads.themoneytizer.com
8 secure.quantserve.com ads.themoneytizer.com
8 onetag-sys.com ads.themoneytizer.com
8 tag.leadplace.fr ads.themoneytizer.com
8 ced-ns.sascdn.com www.botasot.info
8 ww1097.smartadserver.com 8 redirects
8 g.themoneytizer.net ads.themoneytizer.com
7 i.liadm.com 6 redirects www.botasot.info
7 ads.pubmatic.com user-sync.adxpremium.services
ads.pubmatic.com
ads.us.e-planning.net
7 rtb-usw.mfadsrvr.com 7 redirects
7 pool.grid-data.bidswitch.net www.botasot.info
s.cpx.to
7 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
6 a.audrte.com 3 redirects ads.us.e-planning.net
a.audrte.com
www.botasot.info
6 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
6 rtb.adxpremium.services player.adtelligent.com
s.adtelligent.com
ads.pubmatic.com
www.botasot.info
ads.us.e-planning.net
6 c1.adform.net 6 redirects
6 pm.w55c.net www.botasot.info
6 fonts.googleapis.com www.botasot.info
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
um2.eqads.com
5 bh.contextweb.com 3 redirects www.botasot.info
cdn.taboola.com
5 pixel.tapad.com 3 redirects spl.zeotap.com
image6.pubmatic.com
5 ups.analytics.yahoo.com 3 redirects www.botasot.info
5 s.e-planning.net ads.us.e-planning.net
5 secure-assets.rubiconproject.com 5 redirects
5 www.facebook.com connect.facebook.net
www.facebook.com
www.botasot.info
5 www.google.com 1 redirects www.youtube.com
4 eu-u.openx.net 1 redirects player.adtelligent.com
eu-u.openx.net
4 pixel.advertising.com 4 redirects
4 sync.crwdcntrl.net 2 redirects www.botasot.info
cdn.taboola.com
4 sync-t1.taboola.com www.botasot.info
4 ce.lijit.com 2 redirects www.botasot.info
4 sync-tm.everesttech.net 4 redirects
4 sync.1rx.io 4 redirects
4 ads.us.e-planning.net 3 redirects user-sync.adxpremium.services
4 sync.mathtag.com 4 redirects
4 visitor.fiftyt.com 4 redirects
4 dis.criteo.com 2 redirects image6.pubmatic.com
4 ice.360yield.com player.adtelligent.com
4 prod.perf-serving.com 4 redirects
4 cm.idealmedia.io www.botasot.info
cm.mgid.com
4 cm.lentainform.com www.botasot.info
cm.mgid.com
4 creativecdn.com 4 redirects
4 www.gstatic.com www.youtube.com
4 i.ytimg.com www.youtube.com
4 yt3.ggpht.com www.youtube.com
4 static.doubleclick.net www.youtube.com
4 googleads.g.doubleclick.net www.youtube.com
4 servicer.mgid.com jsc.mgid.com
4 jsc.mgid.com ads.botasot.info
www.botasot.info
3 loadm.exelator.com 1 redirects www.botasot.info
cdn.taboola.com
3 idsync.rlcdn.com 2 redirects www.botasot.info
3 ml314.com 2 redirects www.botasot.info
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 cds.taboola.com www.botasot.info
3 rtb.gumgum.com 3 redirects
3 match.taboola.com www.botasot.info
image6.pubmatic.com
3 rtb.mfadsrvr.com 3 redirects
3 tags.bluekai.com 1 redirects www.botasot.info
cdn.taboola.com
3 odr.mookie1.com spl.zeotap.com
www.botasot.info
cdn.taboola.com
3 dmp.adform.net 2 redirects spl.zeotap.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 um.simpli.fi 1 redirects ads.pubmatic.com
image6.pubmatic.com
3 uipglob.semasio.net 1 redirects ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 rtb.openx.net 3 redirects
3 sync.adtelligent.com 1 redirects s.adtelligent.com
3 bidder.criteo.com player.adtelligent.com
static.criteo.net
3 ad.360yield.com 2 redirects www.botasot.info
3 aa.agkn.com 3 redirects
3 static.criteo.net www.botasot.info
2 us-u.openx.net eu-u.openx.net
2 ps.eyeota.net www.botasot.info
2 ads.avct.cloud 2 redirects
2 pixel.quantserve.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 p.crm4d.com 2 redirects
2 d.agkn.com 2 redirects
2 um2.eqads.com 1 redirects ssum.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 ads.programattik.com 2 redirects
2 bttrack.com www.botasot.info
cdn.taboola.com
2 s.c.appier.net 2 redirects
2 e1.emxdgt.com www.botasot.info
2 dsp.adkernel.com www.botasot.info
cdn.taboola.com
2 rtb-csync.smartadserver.com www.botasot.info
cdn.taboola.com
2 pixel.rubiconproject.com www.botasot.info
2 simage4.pubmatic.com ads.pubmatic.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 sync.e-planning.net ads.us.e-planning.net
2 sync.targeting.unrulymedia.com 2 redirects
2 dmp.rtbsrv.com 2 redirects
2 aud.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com image6.pubmatic.com
2 dsp3.adtelligent.com www.botasot.info
2 user-sync.adxpremium.services player.adtelligent.com
user-sync.adxpremium.services
2 green.erne.co 2 redirects
2 c.mgid.com www.botasot.info
2 ghb.adtcontent.com jsc.mgid.com
2 dpm.demdex.net 2 redirects
2 connect.facebook.net www.botasot.info
connect.facebook.net
2 quantcast.mgr.consensu.org www.botasot.info
quantcast.mgr.consensu.org
2 stats.g.doubleclick.net 1 redirects www.botasot.info
1 cm.adform.net www.botasot.info
1 trc-events.taboola.com cdn.taboola.com
1 c3.taboola.com www.botasot.info
1 imprammp.taboola.com www.botasot.info
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 match.prod.bidr.io image6.pubmatic.com
1 15.taboola.com cdn.taboola.com
1 i6.liadm.com www.botasot.info
1 sync.quantumdex.io ads.us.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 usermatch.krxd.net 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net spl.zeotap.com
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 sync.go.sonobi.com ads.us.e-planning.net
1 prebid-match.dotomi.com ads.us.e-planning.net
1 tag.navdmp.com ads.us.e-planning.net
1 pixel.sitescout.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 cdn.connectad.io user-sync.adxpremium.services
1 cdn.admitad-connect.com www.botasot.info
1 ad.admitad.com 1 redirects
1 s.adtelligent.com user-sync.adxpremium.services
1 acdn.adnxs.com player.adtelligent.com
1 rumcdn.geoedge.be www.botasot.info
1 bidswitch-eu.splicky.com 1 redirects
1 mp.4dex.io www.botasot.info
1 match.sharethrough.com www.botasot.info
1 ghb1.adtelligent.com player.adtelligent.com
1 adtelligent-d.openx.net player.adtelligent.com
1 s.seedtag.com www.botasot.info
1 ams.creativecdn.com 1 redirects
1 player.adtelligent.com ghb.adtcontent.com
1 cdn.pbstck.com boot.pbstck.com
1 sync.adotmob.com 1 redirects
1 boot.pbstck.com ads.themoneytizer.com
1 pixel.mathtag.com 1 redirects
1 whos.amung.us waust.at
1 cdn.jsdelivr.net www.botasot.info
1 certify.alexametrics.com www.botasot.info
1 www.google.de www.botasot.info
1 aghtag.tech pahtag.tech
1 d31qbv1cthcecs.cloudfront.net www.botasot.info
1 waust.at www.botasot.info
1 pahtag.tech www.botasot.info
1 gjstatic.blob.core.windows.net www.botasot.info
0 p.oftads360.com Failed player.adtelligent.com
910 205

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
widgets.mgid.com
www.mgid.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-09 -
2021-08-09		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2020-12-02 -
2021-12-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2020-05-22 -
2021-06-22		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
paadserver.projectagora.info
R3		 2021-02-25 -
2021-05-26		 3 months crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.themoneytizer.com
GoGetSSL RSA DV CA		 2021-02-14 -
2022-03-17		 a year crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA		 2019-10-16 -
2022-01-17		 2 years crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2020-09-11 -
2021-09-12		 a year crt.sh
onetag-sys.com
R3		 2021-02-10 -
2021-05-11		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-02 -
2022-02-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-09 -
2021-04-17		 a month crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2020-05-21 -
2022-05-21		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
pbstck.com
Cloudflare Inc ECC CA-3		 2020-09-04 -
2021-09-04		 a year crt.sh
*.id5-sync.com
R3		 2020-12-26 -
2021-03-26		 3 months crt.sh
ghb.adtcontent.com
R3		 2021-01-15 -
2021-04-15		 3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-02-09		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
adtrack.adleadevent.com
Amazon		 2020-06-15 -
2021-07-15		 a year crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
edgestatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
ghb.adtelligent.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
pool.grid-data.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-03-06 -
2022-03-06		 2 years crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
*.360yield.com
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-31 -
2022-04-14		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ghb1.adtelligent.com
R3		 2021-01-26 -
2021-04-26		 3 months crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
mp.4dex.io
GTS CA 1D2		 2021-01-19 -
2021-04-19		 3 months crt.sh
rumcdn.geoedge.be
Amazon		 2020-10-02 -
2021-11-03		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-02-02 -
2022-02-06		 a year crt.sh
s.adtelligent.com
R3		 2021-02-06 -
2021-05-07		 3 months crt.sh
sync.adtelligent.com
R3		 2021-02-05 -
2021-05-06		 3 months crt.sh
ads59.adtelligent.com
R3		 2021-02-10 -
2021-05-11		 3 months crt.sh
dsp3.adtelligent.com
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2020-06-16 -
2021-06-16		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2020-02-26 -
2021-05-27		 a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.semasio.net
Sectigo ECC Domain Validation Secure Server CA		 2020-03-09 -
2021-03-27		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
ads.us.e-planning.net
R3		 2021-01-05 -
2021-04-05		 3 months crt.sh
*.e-planning.net
R3		 2021-01-15 -
2021-04-15		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.richaudience.com
RapidSSL RSA CA 2018		 2019-03-07 -
2021-04-05		 2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-19 -
2021-04-13		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
um3.eqads.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-10-15 -
2021-04-09		 6 months crt.sh
*.liadm.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-24 -
2021-04-20		 6 months crt.sh
*.ml314.com
Amazon		 2021-01-17 -
2022-02-14		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
*.eyeota.net
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh

This page contains 111 frames:

Primary Page: https://www.botasot.info/
Frame ID: 2DB8238909AE2D122E8CC7B510EEB9DF
Requests: 114 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211273
Frame ID: 723F37FD801367660A3DDE9510804BC8
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258&cmp=0
Frame ID: 1EEF22A5FC91CD167838684D9EE79A62
Requests: 9 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
Frame ID: 1E92E0EC193DBE1BBF9D23C07ADECFAE
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
Frame ID: 1ACCEE82B7B24884A1BFC0549123797B
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
Frame ID: C449EA0C644EF295B64693D0FEBB2E1B
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
Frame ID: 7CAD5B88C65942FB146CDA914C9FD07A
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df274cb7355266e%26domain%3Dwww.botasot.info%26origin%3Dhttps%253A%252F%252Fwww.botasot.info%252Ff711a0b6122dfc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbotasot.net%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 5818A894C6629594888AFF4523FFC880
Requests: 5 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5234
Frame ID: 6961ECECCBF317644FD2E79CE9425D84
Requests: 3 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5236
Frame ID: 919CC937812DFE9DC2DC51E86F9EB0ED
Requests: 3 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/s/gen.js?type=2
Frame ID: 7BA8FF9F936413134A3E4BE7657114C9
Requests: 30 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/s/gen.js?type=1
Frame ID: EC81EDA6A599E53A0B3E75EE85C1C23A
Requests: 28 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Frame ID: 66DE17E902BC615B2A01F20AAC925C02
Requests: 4 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/o/botasot.info.94395.js
Frame ID: C6F88B44D6FC95F4FDCBF4EE8C93ECEF
Requests: 28 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/s/gen.js?type=2
Frame ID: 827ECBC5E287F59B5E8E5021A6CDDD1E
Requests: 28 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/s/gen.js?type=19
Frame ID: E12B419C35A832BB9C290802F223EADD
Requests: 28 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/s/gen.js?type=19
Frame ID: 632A3244216728D1F94D02E793FB1958
Requests: 28 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/s/gen.js?type=28
Frame ID: E8AFE6A0339572FD35234DE8B2ADB798
Requests: 28 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5233
Frame ID: 2541C93F7D5CF6352B280956417B6F79
Requests: 3 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5231
Frame ID: E384B47293D1E5944E1487A652907762
Requests: 3 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5231
Frame ID: 805ACA104490F95C204788326798BD6A
Requests: 3 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5231
Frame ID: 15F5C295F77CB731E29DEABAA240C2E9
Requests: 3 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=7502
Frame ID: C97433C6F6E873D41F9ACE08CA136468
Requests: 3 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5231
Frame ID: 4CCD64C489990E651996BF9B7C9C732F
Requests: 3 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/s/gen.js?type=28
Frame ID: FDF6926C965AA1D0C89F7C03A958EE54
Requests: 28 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Frame ID: 19FBE8D2B3370AA606454D173BC7D092
Requests: 2 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5231
Frame ID: 83D6CAB15C56FE374AF7B200FA49837F
Requests: 3 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5231
Frame ID: 417A19416F2AF65BAFAD955CCDD5E873
Requests: 3 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5231
Frame ID: 3ABAEF13E1034324A090922B08B7C8BE
Requests: 3 HTTP requests in this frame

Frame: https://ads.projectagoraservices.com/?id=5233
Frame ID: 44EC3466275F10E73484A9FA89A458B6
Requests: 3 HTTP requests in this frame

Frame: https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=556&campaignid=1&zoneid=161&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=ba1c77a8a5
Frame ID: DFB72173087126F4D137FA87C572F6E1
Requests: 20 HTTP requests in this frame

Frame: https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=556&campaignid=1&zoneid=89&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=1f6fd522d1
Frame ID: 211F13B199128E08B815C2FC5BE671D8
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211691
Frame ID: 5122485CC647AF0721D0AA3C7DDD198C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 451FDDF4083F4C9CC53D621EA5F22202
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211702
Frame ID: EA27DE5D3961339AB8F8417973EACE57
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 9E7F98947FA401F6BED408A9B5267420
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211707
Frame ID: 1CF2F5816F00404B4DE76A62D59E8AD9
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 3EF832FF0FDED8140C8A9D69FED176B7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211713
Frame ID: FB755E4271FA80CBEEEE7186BB22E8FB
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 50AE79646DE21D6795E74E1E9BBA224A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211722
Frame ID: 61CE12CBE75B2018D72B90001F63A033
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 1DE29B583B01A27BF85C74B7B272FC41
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211727
Frame ID: B343EE21111650776B0C8E2B33F31AB9
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: EB1956CC693E1F6DB3BAC60D25B349A3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211743
Frame ID: 16D5974D4C39324089A5B344DA809C05
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 8EE3517A6B4A0256D25CFB64CC313A78
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=16154182132248754032
Frame ID: 921E9C06F1364D07365DC3352EED92FF
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1615418213266248399360
Frame ID: E1041EB029A0D1D64409EF817FD57461
Requests: 1 HTTP requests in this frame

Frame: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Frame ID: 8E1D8E7B30E341CE83E4CF423ED8FD80
Requests: 18 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1615418213286436757009
Frame ID: 1ECC9A237B185564282500FA1D4DF946
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1615418213311861938524
Frame ID: E66FACDBF691DC3ADDCC85DC9F8CD688
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: B027A60C300FCEC015129FC2470FC08B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 00E146F57F2FD8DF7DBF133DFB260C47
Requests: 3 HTTP requests in this frame

Frame: https://p.oftads360.com/prebidmg/118696/j.html?i=8208
Frame ID: 7B3B5F7A83D1B713A2AA10458C941444
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 4A1F7F1E518FA2951A74B65436C6ECAA
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: DD0BF3931C4E658D3F347D31E70CCBDB
Requests: 3 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/0114343c-636b-4878-a7f6-78c6f5d10797/grumi.js
Frame ID: 9B73F3482C0B529F97C288DEC01FA395
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E805272F6398A7CD3B1322E4B975B7BC
Requests: 2 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: A9DED42DF2850F7F0544D342F41F25CA
Requests: 4 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=601760
Frame ID: 48FE50597344B26BF503ADB8F35F5C28
Requests: 4 HTTP requests in this frame

Frame: https://dsp3.adtelligent.com/banner/?adid=036AB1C911EC587F.L5339S0C6267
Frame ID: A1938928F7064EE7DC865C07C8ABA023
Requests: 1 HTTP requests in this frame

Frame: https://dsp3.adtelligent.com/tracking/impression/?adid=036AB1C911EC587F.L5339S0C6267
Frame ID: 384A19E5474BBD5E87AD8889A08E0FFA
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: AD4B8652CC0E63FCDC4EADABB7A08165
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: D64B8810188748901D4B988493BBB991
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 028CE611F613BED373ACFFE4EB7C178C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 510A710EBDB7B827326864160D2A2445
Requests: 11 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8B4D017A14F2B1C533971E647403B680
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 285193D534E96A65EF010E2CE9F90C67
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=82111B88-F146-4E86-ABC8-ADC1A441E433
Frame ID: 9EE0443E0C1B5B23542526198C0E5172
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Frame ID: 22968F15B6F38BCD17724A93D1490759
Requests: 17 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: B37F3C9BB7FCD4DEF295E39D0B22E16C
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 7F2C8810121BDD8863E81A16B1B52398
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6ae8b76685acde3e%26uid%3D
Frame ID: C7100D042E3FFC71199810CC17355FB6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9C22FEB6CCB758F4F875A019E9430AB5
Requests: 26 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Frame ID: 91FB87EBF60243DF48E2698F8CF9D808
Requests: 9 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361&cmp=0
Frame ID: 5F993073FE0B3D26E7A4566C2288EF22
Requests: 24 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D0b8cd14f-8086-40cb-93dd-ffbba4a0afe1&isDirect=0
Frame ID: 0B1C2B2C239FEE932D41B58055EACA5E
Requests: 19 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Frame ID: A8355907A5AB9E3ED28945C94DA7BD56
Requests: 16 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot160x600gr-r17261820/loader.js
Frame ID: 90B2919F23C8057688DA6920885A4FB7
Requests: 16 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Frame ID: 35090D548B217B3570A77C410DC304D3
Requests: 16 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Frame ID: 887AEE9ECADE8681F3CC9B334C84C0C4
Requests: 7 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Frame ID: F7D2ADE5F162440FF30F4CB3A9FCD9F7
Requests: 7 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Frame ID: 24F644D9AAEFD8D9AD0190D34D538EA3
Requests: 7 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Frame ID: BA67F092DF28A3A180717763691B36CD
Requests: 7 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Frame ID: D50214C5C57C0D733AA442A1E5027962
Requests: 14 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Frame ID: FE9C217C71CB11F9BB69ACF02DF9E426
Requests: 14 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Frame ID: A5B2BB233E983512EFE5DD055D748DF0
Requests: 7 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 9AE7624F8CB7D1653DE8B475311DFF43
Requests: 2 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/botasot300x600gr-r17261822/loader.js
Frame ID: D06E41348CB055C5788815A290241954
Requests: 27 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/35972623d90583f7/040321.html
Frame ID: 9ADD1C9E132CBE7E90E84FD7B3D1A5C8
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: BF3BA9B8D1882E924DDAF2EABCB7BA7D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AATvTG4nezhKj3ly
Frame ID: 0B8FAC9D0F1C6E8A4DC37E18857345A1
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Frame ID: 2D2FE053FFBC26BD1E3C4A9665B25151
Requests: 11 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Frame ID: 5E137D8719CF944A7E2E8FBEC53F5FE6
Requests: 29 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C2F83237CD2B94002F90248FBBEB2B40
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 19E9A0727A02A241BDEE270BC24D1690
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: F7C7AE7BBFD27F92AF4A4CE0158A6804
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6938168445746477198
Frame ID: EE224A1745719648DC249BEB6EEF8CE2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=8Gw4EtpASaWQd6fzzvtKWc01
Frame ID: 05F7D79D52CB2F88566B0C5AF771CF50
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5528d09e-a202-472c-90a9-e9d262864760-003
Frame ID: FA991693511086FEDC667286C57EB1F7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 96DA6D94BE4A1B610BD8AFA08AB0DC0C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 659195086CCB4DB9FF3D9A20CA0D447D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=MXSV1ZexnqKu&pid=557219
Frame ID: 986F3F0A751B4C0CD7287341EEA5B59D
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 0BD94C6D5F2DD9AD1F45A9C9852343FE
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 5718C0D789ECEF16F87BDF3A7965D699
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mTbvcC7t1Lk84C5&gdpr=0&gdpr_consent=
Frame ID: C77A4D1173C8C321C8C18B296C3097BB
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=6ae8b76685acde3e&uid=C36F9046-E764-4A78-B59A-7F603746D88C
Frame ID: 11FD05220239A85C061CFB0680CA1475
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=7FBA767CF34048628021768342388&cicmp=1337627&cijs=1&dast=V7TfACFgOyt4Gs0v0yrQSyt4Gs0v0yrQUAAAAGBugHHTejMHiz3YbGGQ1Gw9lkOFgsBpPNZrJbLAZTMNjC53R3tyEDTafD57rX636_u8Rvenj-prvSbvP75QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAZDEQTEPp930Vjssp6fdLfIJXZaX5x8AAA8FIAAAAhgkAAKJhSUADneLJwAAAAd1Mk_bLP____8xAHnvTTIAFGkbNwY9AA8-AA9CAAAAF0Pu9ywdYCBBNEQFlUWMAAAAALIVnxmPJnVCZVH1____bwVwBQAQgOfRVj6SdXNSzBoGAAAAMLZAD4vfb3bYNX63y_7_________zf7PANCEaEav04BwR6_VeEauFdZ-AQEA2N4NAOBNAC7mAOwAAAAA7v7____zAAAACPYo2V6r8exR1vsMtvA53d31m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkwuZ8uRbbday0yb4Vo0sYzcyuFk5lbNPKORyzXb7RaGtej1Mf1Gk5FxZfHjgyx2c8VmOJcMdnPFaLBKAAAAAAAAAABLmDJvAgAAAHAaxGw22e1W3HizZ4JYq9WyBgAAAODWjRw!&excid=22&tst=1&docw=0&cs=false
Frame ID: 762B13480AA2CF1F33634403604A299A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Frame ID: 2CC015942ADBE21EEA22C0DD5992BA7B
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
Frame ID: C45C85D8AD0B25ADF6198173DA616708
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.botasot.info
Frame ID: E5C118021E04CED71CFD38190631B47E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

910
Requests

99 %
HTTPS

28 %
IPv6

126
Domains

205
Subdomains

130
IPs

12
Countries

12033 kB
Transfer

35643 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=239860280&utmhn=www.botasot.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Bota%20Sot&utmhid=1956835165&utmr=-&utmp=%2F&utmht=1615418211022&utmac=UA-35000153-1&utmcc=__utma%3D132111644.843605949.1615418211.1615418211.1615418211.1%3B%2B__utmz%3D132111644.1615418211.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1724650820&utmredir=3&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35000153-1&cid=843605949.1615418211&jid=1724650820&_v=5.7.2dc&z=239860280 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35000153-1&cid=843605949.1615418211&jid=1724650820&_v=5.7.2dc&z=239860280&slf_rd=1&random=1067807114
Request Chain 44
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 72
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent= HTTP 302
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/5/5.gif?puid=714ae15d-1dc7-4b08-8208-d979845f1a31&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1441152202336771100&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/112/3/7.gif?puid=B9174A32A1C02B3D&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent=
Request Chain 133
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D434f7115-f90a-405e-72e5-7d33c931cc4f%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?adnxs_uid=1086387011141840971&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEKgY-E8QiI0wdBkgPGid0lU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Request Chain 135
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D434f7115-f90a-405e-72e5-7d33c931cc4f%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D434f7115-f90a-405e-72e5-7d33c931cc4f%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Request Chain 136
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=d52e71b6-7865-4691-51fa-468f255a2381&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D434f7115-f90a-405e-72e5-7d33c931cc4f%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=d52e71b6-7865-4691-51fa-468f255a2381&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D434f7115-f90a-405e-72e5-7d33c931cc4f%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=32804388302590621912429865611530369633&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Request Chain 137
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=hewZd%2BUUo9k96G90KGbYI5gRLgMW5CeE%2BS41iYitP1U%3D
Request Chain 138
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D434f7115-f90a-405e-72e5-7d33c931cc4f%26uc%3D2%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=85656049-5363-4200-9abb-87f586014265&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Request Chain 155
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 157
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 159
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 171
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent= HTTP 302
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/5/5.gif?puid=dc4be718-fd7e-41e3-a920-eb94c6bbd6cf&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1657327183473810907&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/112/3/7.gif?puid=8F7654F1B9F01445&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F1%2F9.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/106/1/9.gif?puid=05fa2204023af04687f3b962&gdpr=1&gdpr_consent=
Request Chain 174
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 185
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent= HTTP 302
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/5/5.gif?puid=ae0f9690-dc64-4a73-aae7-62229ed43562&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1369094608298843277&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/112/3/7.gif?puid=B9174A32A1C02B3D&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/12/103/2/8.gif?puid=67450c7890d23c6507f482740139ea14&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F1%2F9.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/106/1/9.gif?puid=05fa220402a3c4e17b1f6af4&gdpr=1&gdpr_consent=
Request Chain 187
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 189
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 200
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent= HTTP 302
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/5/5.gif?puid=ae0f9690-dc64-4a73-aae7-62229ed43562&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1657324984450553504&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/112/3/7.gif?puid=44CBAA560F48B604&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F1%2F9.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/106/1/9.gif?puid=05fa22040219e82de36eca5f&gdpr=1&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F0%2F10.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D
Request Chain 211
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent= HTTP 302
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/5/5.gif?puid=a4382e1f-b74c-443e-9e6a-4bfce44247ac&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1585267390412620210&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/112/3/7.gif?puid=44CBAA560F48B604&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F1%2F9.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/106/1/9.gif?puid=05fa22040269b45562265fa5&gdpr=1&gdpr_consent=
Request Chain 228
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent= HTTP 302
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/5/5.gif?puid=a4382e1f-b74c-443e-9e6a-4bfce44247ac&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1369094608298840689&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/112/3/7.gif?puid=C54092948ACF436E&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F1%2F9.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/106/1/9.gif?puid=05fa220402754b9eb2ab1769&gdpr=1&gdpr_consent=
Request Chain 239
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F8%2F2.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/106/8/2.gif?puid=05fa2204020fbfa235e406f4&gdpr=1&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F7%2F3.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F7%2F3.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/163/7/3.gif?puid=H8HdPzkR1Lk84w5&gdpr=1&gdpr_consent=
Request Chain 246
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 257
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F8%2F2.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F8%2F2.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/163/8/2.gif?puid=CuELjBo41Lk84w5&gdpr=1&gdpr_consent=
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Request Chain 387
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6
Request Chain 388
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6
Request Chain 389
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6&cklb=1
Request Chain 390
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Request Chain 416
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Request Chain 418
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D10edb21e-a45d-4ffe-a217-7f896d30bf0d HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D10edb21e-a45d-4ffe-a217-7f896d30bf0d&cklb=1
Request Chain 420
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Request Chain 421
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D10edb21e-a45d-4ffe-a217-7f896d30bf0d HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
Request Chain 422
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D10edb21e-a45d-4ffe-a217-7f896d30bf0d HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
Request Chain 427
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Request Chain 430
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D9b11b7cf-7f52-410e-94b5-24a0a268d14e HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D9b11b7cf-7f52-410e-94b5-24a0a268d14e&cklb=1
Request Chain 431
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D9b11b7cf-7f52-410e-94b5-24a0a268d14e HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
Request Chain 432
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D9b11b7cf-7f52-410e-94b5-24a0a268d14e HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
Request Chain 436
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Request Chain 438
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Db98a8c1c-6ed0-413f-8e45-3259281ad139 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Db98a8c1c-6ed0-413f-8e45-3259281ad139&cklb=1
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Request Chain 440
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db98a8c1c-6ed0-413f-8e45-3259281ad139 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
Request Chain 441
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3Db98a8c1c-6ed0-413f-8e45-3259281ad139 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
Request Chain 443
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Request Chain 445
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D43b8a9cb-0ddd-46fe-a762-32351bdc2022 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D43b8a9cb-0ddd-46fe-a762-32351bdc2022&cklb=1
Request Chain 446
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Request Chain 447
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D43b8a9cb-0ddd-46fe-a762-32351bdc2022 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
Request Chain 448
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D43b8a9cb-0ddd-46fe-a762-32351bdc2022 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
Request Chain 450
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Request Chain 452
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
Request Chain 453
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Request Chain 455
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7&cklb=1
Request Chain 457
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Request Chain 459
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D12565106-853d-45e0-a3e1-3c14ee960593 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D12565106-853d-45e0-a3e1-3c14ee960593&cklb=1
Request Chain 460
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D12565106-853d-45e0-a3e1-3c14ee960593 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=12565106-853d-45e0-a3e1-3c14ee960593
Request Chain 461
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D12565106-853d-45e0-a3e1-3c14ee960593 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=12565106-853d-45e0-a3e1-3c14ee960593
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=12565106-853d-45e0-a3e1-3c14ee960593 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=12565106-853d-45e0-a3e1-3c14ee960593&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Request Chain 467
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 468
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid&tc=1
Request Chain 469
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
Request Chain 470
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDJhUWN6VHJqVGdm&muidn=l2aQczTrjTgf HTTP 302
  • https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
Request Chain 471
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l2aQczTrjTgf HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l2aQczTrjTgf HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=a8254cc1-d604-4469-84d9-5428611b55b6 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=a8254cc1-d604-4469-84d9-5428611b55b6
Request Chain 473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
Request Chain 474
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7063067012202087846&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 486
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
Request Chain 487
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
Request Chain 488
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l2aQczTrjTgf HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=a8254cc1-d604-4469-84d9-5428611b55b6
Request Chain 490
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDJhUWN6VHJqVGdm&muidn=l2aQczTrjTgf HTTP 302
  • https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
Request Chain 491
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
Request Chain 492
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=fd5aea07-d874-4b6f-9c9a-8b21ffaebcc5&ssp=mgid&user_group=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 494
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 505
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDJhUWN6VHJqVGdm&muidn=l2aQczTrjTgf HTTP 302
  • https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
Request Chain 506
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 507
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l2aQczTrjTgf HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a8254cc1-d604-4469-84d9-5428611b55b6&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 508
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
Request Chain 509
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
Request Chain 510
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=3VoFHT4e12yOxqXnbObSWc00&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 511
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
Request Chain 514
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l2aQczTrjTgf HTTP 302
  • https://mp.4dex.io/setuid?bidder=bidswitch&uid=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 516
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDJhUWN6VHJqVGdm&muidn=l2aQczTrjTgf HTTP 302
  • https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
Request Chain 517
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=a8254cc1-d604-4469-84d9-5428611b55b6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=a8254cc1-d604-4469-84d9-5428611b55b6 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 519
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 520
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
Request Chain 521
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
Request Chain 537
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1086387011141840971
Request Chain 538
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=d6bbc147-f2f9-4898-b9c6-74fc9641636c
Request Chain 539
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=1ef38235b7694f7a
Request Chain 549
  • https://ad.admitad.com/b/zfd4poaerd36479d277116525dc3e8/ HTTP 302
  • https://cdn.admitad-connect.com/public/bs/2020/06/16/b54da380b306da0723b589684d2df04a.png
Request Chain 561
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ghEbiPFGToaryK3BpEHkMw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 564
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=82111B88-F146-4E86-ABC8-ADC1A441E433&addseg=12,35,41
Request Chain 565
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODIxMTFCODgtRjE0Ni00RTg2LUFCQzgtQURDMUE0NDFFNDMz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 566
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAGgox8uHtXPREusFmyq-_o&google_cver=1
Request Chain 568
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:85656049-5363-4200-9abb-87f586014265&gdpr=0&gdpr_consent=
Request Chain 569
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D HTTP 302
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=PHt9jAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcOGP5T HTTP 302
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=1086387011141840971&mpk=PHt9jAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcOGP5T HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=1086387011141840971
Request Chain 571
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Request Chain 573
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D6ae8b76685acde3e HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=6ae8b76685acde3e
Request Chain 574
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3629875732 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/67b1b6df-019c-49a0-bc4c-1ddc783a2eb1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-87c9b7e2-425a-479e-8b90-bcc6aa728120-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-87c9b7e2-425a-479e-8b90-bcc6aa728120-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-87c9b7e2-425a-479e-8b90-bcc6aa728120-003&dc=1079cc634ca638f8&iss=1
Request Chain 578
  • https://ad.360yield.com/server_match?partner_id=1556&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D4238ca06ef07aea3%26fi%3D6ae8b76685acde3e%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=6ae8b76685acde3e&uid=598a6a51-0f8a-4fb0-b42f-7f00ce996f1d
Request Chain 579
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D6ae8b76685acde3e%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=6ae8b76685acde3e&uid=d6bbc147-f2f9-4898-b9c6-74fc9641636c
Request Chain 583
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D6ae8b76685acde3e HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 584
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D6ae8b76685acde3e%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=6ae8b76685acde3e&uid=1086387011141840971
Request Chain 586
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-j998NX1E2uHUd9M6PLXvX07gnsd3DGz.Ud.7qOE-~A
Request Chain 588
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 592
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Request Chain 594
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D8ee52a5e-2183-46ec-5c6b-bf1419018230%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Request Chain 599
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2e28d22e-5c94-47e5-a420-f27e9958584a&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 601
  • https://bn01.er.bemail.it/zeotap.php?_bid=d52e71b6-7865-4691-51fa-468f255a2381&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021031100-54124-0.481596001615418221-6a8044f226cf6a122f4a1db534acac6d&zdid=533&env=mWeb
Request Chain 602
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D8ee52a5e-2183-46ec-5c6b-bf1419018230%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6938168445747067022&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Request Chain 604
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d52e71b6-7865-4691-51fa-468f255a2381&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D8ee52a5e-2183-46ec-5c6b-bf1419018230%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d52e71b6-7865-4691-51fa-468f255a2381&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D8ee52a5e-2183-46ec-5c6b-bf1419018230%26zdid%3D1361&bounce=1&random=1170523624 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=mxlDLVmbj1BqZCGTw8/4Ne&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Request Chain 607
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-QHEudLhE2op25OzSTGYeSoWuYLAy3eiYGg--~A&zpartnerid=570&env=mWeb
Request Chain 611
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D8ee52a5e-2183-46ec-5c6b-bf1419018230%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D8ee52a5e-2183-46ec-5c6b-bf1419018230%26zdid%3D1361&_test=YElTbgAAAELJ0zoG HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YElTbgAAAELJ0zoG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361&_test=YElTbgAAAELJ0zoG
Request Chain 612
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=N_jScZtN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2abce07d-d503-4e43-790c-56edb1f6d300
Request Chain 613
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d52e71b6-7865-4691-51fa-468f255a2381&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d52e71b6-7865-4691-51fa-468f255a2381&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361&dcc=t
Request Chain 614
  • https://tags.bluekai.com/site/87734?id=d52e71b6-7865-4691-51fa-468f255a2381&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 624
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D0b8cd14f-8086-40cb-93dd-ffbba4a0afe1&isDirect=0
Request Chain 626
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Y7TQNcKWs2BL&ev=1&orig=trc&pid=562107
Request Chain 627
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1086387011141840971&orig=trc
Request Chain 628
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDd5ILL0QnY6jgTp11G1B3I&google_cver=1
Request Chain 630
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Request Chain 631
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1
Request Chain 632
  • https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 637
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=26e30104-62da-4d34-84b8-ff8aba9ecbe3
Request Chain 638
  • https://id5-sync.com/s/464/9.gif?puid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO-7urk47ug9VJhs8oQ6wQuO88V3DdbBD6oTUnEw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=598a6a51-0f8a-4fb0-b42f-7f00ce996f1d&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/5/3.gif?puid=e_35050552-47db-4d3b-8a01-24e92c14db0c&gdpr=1&gdpr_consent=
Request Chain 639
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=NeBNnvguAp-_kVaebFNJYA
Request Chain 642
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=5d58a125-6ed4-4b30-87e7-d34c4391bba2&ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=156&expires=14&user_id=5d58a125-6ed4-4b30-87e7-d34c4391bba2&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2df7608c-1bd5-49d3-8a7d-567be129a473
Request Chain 664
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YElTbFnmkIijbW0hWGmsVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMHjKppksYc1k3JjCpdGQjs&google_cver=1
Request Chain 666
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YElTbFnmkIijbW0hWGmsVgAABI8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YElTbFnmkIijbW0hWGmsVgAABI8AAAAB&dcc=t
Request Chain 667
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YElTbFnmkIijbW0hWGmsVgAABI8AAAAB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YElTbFnmkIijbW0hWGmsVgAABI8AAAAB&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECzp3YHk3V2Ogey03yvqgLY&google_cver=1
Request Chain 668
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6687046361955203987&uid=Q6687046361955203987&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 669
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1618010230
Request Chain 670
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=617A396F2AD841E29D30506442C2A5B7&gdpr=1
Request Chain 672
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 684
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID HTTP 302
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5/ct?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AATvTG4nezhKj3ly
Request Chain 695
  • https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Request Chain 699
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1615418221&ip=217.138.207.140&l1=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fneustar%2F1%2Fcm%3Ftaboola_hm%3D164910103721001781767 HTTP 302
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164910103721001781767
Request Chain 700
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb HTTP 303
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_li_chk=true&previous_uuid=4448d5358d0d4f809380c8914f3c9aee HTTP 303
  • https://i.liadm.com/s/64716?bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&previous_uuid=31fd89aab08149528f28a51ad39e32e1 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F64716%2F0%2Fea06d28accb74e1daaa47eed2da67c9c%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&4448d535-8d0d-4f80-9380-c8914f3c9aee&bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&previous_uuid=ea06d28accb74e1daaa47eed2da67c9c HTTP 302
  • https://i.liadm.com/s/e/64716/0/ea06d28accb74e1daaa47eed2da67c9c?mpid=7156&muid=ab446049-536d-4200-830e-53a82c00b871
Request Chain 701
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3617235367833370639 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNzIzNTM2NzgzMzM3MDYzORAAGg0I8KalggYSBQjoBxAAQgBKAA
Request Chain 702
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&xl8blockcheck=1
Request Chain 704
  • https://pixel.advertising.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&apid=UPba4ba710-81f6-11eb-bd98-02d6f46eda30
Request Chain 762
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=35ac4122-1345-40a6-ae47-b6c024152ca7 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=35ac4122-1345-40a6-ae47-b6c024152ca7&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D35ac4122-1345-40a6-ae47-b6c024152ca7&isDirect=0
Request Chain 763
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=KYbwSkB1ca9R&ev=1&orig=trc&pid=562107
Request Chain 767
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1615418223&ip=217.138.207.140&l1=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fneustar%2F1%2Fcm%3Ftaboola_hm%3D164910103721001781767 HTTP 302
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164910103721001781767
Request Chain 768
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb HTTP 303
  • https://i.liadm.com/s/64716?bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&previous_uuid=70d6f5b389e046509e04e7f7cd05493c HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=447a2a1b-19c5-4a05-a863-dea7ae445a21 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=447a2a1b-19c5-4a05-a863-dea7ae445a21
Request Chain 770
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3617235367822884909 HTTP 307
  • https://ml314.com/csync.ashx?fp=&person_id=3617235367822884909&eid=50082
Request Chain 771
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Request Chain 777
  • https://id5-sync.com/s/464/9.gif?puid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/6/2.gif?puid=b8cea363-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO7ZYPZWaHjqFXSQ2SRoLvwI33dKCv9JHaqtisGQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO7ZYPZWaHjqFXSQ2SRoLvwI33dKCv9JHaqtisGQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/5/3.gif?puid=eed45463-43c8-476b-b01d-209a61566e26&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/4/4.gif?puid=e_35050552-47db-4d3b-8a01-24e92c14db0c&gdpr=1&gdpr_consent= HTTP 302
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
  • https://id5-sync.com/c/464/9/3/5.gif?puid=Ze9iAqKODy4vVqA17ygFh9OHd941u9D9wcuyGl59Sw8&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/2/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/2/6.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/1/7.gif?puid=98643657-d371-4c5f-8526-70f82c6b1f9c&gdpr=1&gdpr_consent=
Request Chain 778
  • https://pixel.advertising.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&apid=UPba4ba710-81f6-11eb-bd98-02d6f46eda30
Request Chain 780
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=d7bfdeef-da5b-4dda-806a-96cfef091817&ssp=taboola&user_group=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=366&expires=14&user_id=d7bfdeef-da5b-4dda-806a-96cfef091817&ssp=taboola&user_group=1 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=80e25af2-365e-494a-aae0-f3e6bd6a8ed0
Request Chain 787
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2762784060102710731&orig=trc
Request Chain 788
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJ2nu_o3NJSdI5vD6XE4hxg&google_cver=1
Request Chain 789
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=447a2a1b-19c5-4a05-a863-dea7ae445a21
Request Chain 790
  • https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 792
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=751fd759-717a-4f88-bb75-ce68598cbcf4
Request Chain 793
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=NeBNnvguAp-_kVaebFNJYA
Request Chain 823
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ05WJo-5P4i2cowxSdYLrk&google_cver=1
Request Chain 827
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ab446049-536d-4200-830e-53a82c00b871&gdpr=0&gdpr_consent=
Request Chain 829
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6938168445746477198
Request Chain 830
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=8Gw4EtpASaWQd6fzzvtKWc01
Request Chain 831
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6352295811 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6352295811 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/447a2a1b-19c5-4a05-a863-dea7ae445a21 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5528d09e-a202-472c-90a9-e9d262864760-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-5528d09e-a202-472c-90a9-e9d262864760-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5528d09e-a202-472c-90a9-e9d262864760-003
Request Chain 833
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 834
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=MXSV1ZexnqKu&pid=557219
Request Chain 835
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 836
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 837
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mTbvcC7t1Lk84C5&gdpr=0&gdpr_consent=
Request Chain 839
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w2-QRudkSni1mn9gN0bYjA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 841
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C36F9046-E764-4A78-B59A-7F603746D88C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C36F9046-E764-4A78-B59A-7F603746D88C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 842
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C36F9046-E764-4A78-B59A-7F603746D88C&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C36F9046-E764-4A78-B59A-7F603746D88C&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C36F9046-E764-4A78-B59A-7F603746D88C&addseg=12,35,41
Request Chain 843
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzM2RjkwNDYtRTc2NC00QTc4LUI1OUEtN0Y2MDM3NDZEODhD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 844
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7768427892952043446
Request Chain 845
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=151cb0b5-417b-48f6-a06f-660daa69fe8c
Request Chain 846
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2762784060102710731&gdpr=0&gdpr_consent=
Request Chain 847
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C36F9046-E764-4A78-B59A-7F603746D88C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fUspNJZE2uVf5wEWU31rYPsHk_ADQWs-~A&gdpr=0&gdpr_consent=
Request Chain 849
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fwIbEHwBGUxkUB9MKgACTy1WTktkBhoZcVNkj-te
Request Chain 850
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2621760102267229147&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 851
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a96f9a37-9fab-4597-8a7e-3db8a28a5357&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a1875ab0-b09e-47cd-81c7-9ceb3bbd6acd&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 852
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YElTbgAAAFLU01LS HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YElTbgAAAFLU01LS&gdpr=0&gdpr_consent=&_test=YElTbgAAAFLU01LS
Request Chain 853
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 855
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:365de2b4-3016-4545-adc7-a5a97b75b159&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 856
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4942300043002063965
Request Chain 857
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_35050552-47db-4d3b-8a01-24e92c14db0c
Request Chain 907
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=null&google_tc= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=null&google_gid=CAESEPk6BZBebJVzLOuP222uIl0&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 908
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=null HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=null HTTP 302
  • https://a.audrte.com/a?adform_uid=8579590713389664277 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&google_gid=CAESEPk6BZBebJVzLOuP222uIl0&google_cver=1 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=
Request Chain 911
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
Request Chain 912
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=efe86049-5381-4300-ac57-e6befbfa6835
Request Chain 913
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YoxOjWGPQoV5jBvXZIpXhmaETNJ53UqMZ92Uoupq
Request Chain 914
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5541452396091844729
Request Chain 916
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjQzY2Y3ZmEtODIyMy02ZjM5LTUyMjctMzJmNzlmZDkzODJi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjQzY2Y3ZmEtODIyMy02ZjM5LTUyMjctMzJmNzlmZDkzODJi&google_tc=
Request Chain 917
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0zucr_bRKCiQxlILbHZHI&google_cver=1

910 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.botasot.info/ 		171 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d426e2629ad75fbd036233b61bacda28be5f3567ada506a8704b08e0d0fdb4a

Request headers

:method
GET
:authority
www.botasot.info
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db10e89305c869d7b17f62c71f92e22a91615418210; expires=Fri, 09-Apr-21 23:16:50 GMT; path=/; domain=.botasot.info; HttpOnly; SameSite=Lax; Secure __cf_bm=e5c1f73465ddfd047c99388f40ddc233771e3e9e-1615418210-1800-AfEopquEJiMOk0V8V4oxCOhUrRvwmqnFdjwhpJqqs44MDmBI4x6rwfwbttBkNzc/ylDDLHY0YJ5AAcyStGyX96U=; path=/; expires=Wed, 10-Mar-21 23:46:50 GMT; domain=.botasot.info; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
08c006d15100004e0870a2c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CCJkS42o%2B8SjrH9XHsr2LyDqrS49RjdyLh1XxZwIUWsfuE2gIHX0sj%2Fu2MLeN%2FNVxs3ruuQfrFwXA1ZbsVWvKtRysnv6UoGBnjvDQZbJwP5VcUObOlQJdBdWAiHL"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
62e040c88e0a4e08-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
www.botasot.info/public/botasot/plugins/bootstrap/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/plugins/bootstrap/css/bootstrap.min.css
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ce958ac64ad7bebbe2733b1d0f287c201b8d0a2925551f48faa86c3e9e23880

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2988
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d17800004e0850967000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-1dd95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a3yvLE5AKoRj6hXRsshZ%2FSAo3GSaT9%2BT0OghrLkbGGIsdqWAQRM6z0NSmnH%2FNFKSkEnGNcgFORUJ1RZGS50L47hg%2FnOHPsdoZ%2Bci3k4KAfCw1iJyosAzYzV9cY73"}]}
content-type
text/css
cache-control
max-age=18000
cf-ray
62e040c8ce3d4e08-FRA
style.css
www.botasot.info/public/botasot/css/ 		61 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/css/style.css?v=1615418242
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35467d9b96ab8c40a79049a2f495a0ca5bdba43472cd8c59cee2f111ca6c7254

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
45
cf-polished
origSize=87133
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d17800004e0836158000000001
last-modified
Tue, 09 Feb 2021 20:49:43 GMT
server
cloudflare
etag
W/"6022f567-1545d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=00tySe%2F7FfDAynNnSzXnOzNpThBJrRw9tCR%2Fz1Bz84xEJCvT%2FXGIKQRjR7eo9oBcsqWs8fYFVGdpBi%2FcxlMeS%2BB5S0bceEhnZ5cNXS1ibzWGOqijBuSTW8covYJZ"}]}
content-type
text/css
cache-control
max-age=18000
cf-ray
62e040c8ce3f4e08-FRA
cf-bgj
minify
css
fonts.googleapis.com/ 		3 KB
526 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300,700,900
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e8158695e0e4cf90e8ee1ac3fd76572a677909d6969df84086026841e84b1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 22:34:47 GMT
server
ESF
date
Wed, 10 Mar 2021 23:16:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Mar 2021 23:16:50 GMT
font-awesome.css
www.botasot.info/public/botasot/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/css/font-awesome.css
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c264c6ad15eea3c8f8917e177acaba6855bc6eae109ac2acf2be2a515e9f50a

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2988
cf-polished
origSize=33233
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d17800004e083f285000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-81d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FGOvgGOxKhGggpjLh5zWRG%2BzSM8pY9vAsaozyje0U5zej%2FmxaiJaH8whYtVpR7%2FPTVSK%2BAHbeLyPotxdDbArk08COPbRuZRjE%2Bv1vXuYVEE8%2FNskmMe7SVbQa2Bw"}]}
content-type
text/css
cache-control
max-age=18000
cf-ray
62e040c8ce404e08-FRA
cf-bgj
minify
jquery.bxslider.css
www.botasot.info/public/botasot/plugins/bxslider/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/plugins/bxslider/jquery.bxslider.css
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835698ad7ea8929df52ce490bdebdcabdd03002a7f3c72480b035e41184cf4ab

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2988
cf-polished
origSize=3843
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d17c00004e084ca4a000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-f03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WYciChOWd%2BuEhUIVyeoHSyvs7PFj5JHsevd5FUOqQWPcvoihGK8RnWzPigqxEwaOILnauQJkilTHd%2FoQBy1mQR6T2JDFpnRcD6gWkVixInmosgDyoNgJ52zlTr9p"}]}
content-type
text/css
cache-control
max-age=18000
cf-ray
62e040c8ce424e08-FRA
cf-bgj
minify
lightbox.min.css
www.botasot.info/public/botasot/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/css/lightbox.min.css
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5595963bca2af38bc8e44b3447f2fbe26d3d552b151e0d2cba04530609cf6676

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2993
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d17900004e081c100000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-af0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B1EQUOU%2B6heQPQZQl6iUCf863tXnCmr3No0YuTkkEbD6v45HVZewK9DRaA%2FE%2FlNj224nBTpSdqoJQOcD4oxa7YF%2FHqqfLNF23j81tN2HLg2gh1Kxd5r6dAH%2Fjf3%2F"}]}
content-type
text/css
cache-control
max-age=18000
cf-ray
62e040c8ce434e08-FRA
location.php
www.botasot.info/cms/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/cms/location.php
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817693901c8347367c0ad9ce22453b8a9258ce010c1ec29e140cffe124694565

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ck9kopDIB%2FI%2FVxDLXpaJj7jzXFij5xmHianAE1onkKCOHGz4CvK1Y%2FH8FsdOxgatrule9aXJANldliqX4mzaSpDIpH1O3n2g51cfa7aFJZ2yHOhtCTeqQctCmfp1"}]}
content-type
application/javascript
cf-ray
62e040c8ce444e08-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d17900004e0800227000000001
gjdmp.js
gjstatic.blob.core.windows.net/fix/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/gjdmp.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.79.176.48 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 10 Mar 2021 23:16:50 GMT
Last-Modified
Sun, 28 Feb 2021 19:38:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AkdWFmz3+ZBD6nME4CH9VA==
ETag
0x8D8DC207C714D5F
Content-Type
application/javascript
x-ms-request-id
72db3ee5-401e-0058-3d03-1619a9000000
x-ms-version
2009-09-19
Content-Length
7361
publishertag.js
static.criteo.net/js/ld/ 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:30 GMT
server
nginx
etag
W/"6034e04e-1c974"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 11 Mar 2021 23:16:50 GMT
botasot.info.js
pahtag.tech/c/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahtag.tech/c/botasot.info.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d48b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90db3101a83aa963a9a5f4f5155861f0f02ac6222ecced805a1b38c0b6e92d6a

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3029
cf-ray
62e040ca187e4e14-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2253
x-amz-id-2
CYObMAz+UdYQhUpSOGAyURHI+R32jPmgl+rtgjfWdmaSdR8hWmvbZV8mHO+GQbTRJSQNgtluLz0=
last-modified
Wed, 20 Jan 2021 11:56:43 GMT
server
cloudflare
etag
"7c9bbc5ca78398fb3eacde2f16641143"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OUQd%2B0yYf%2BIONSEhpVK1eYK79%2Fu3tOVbdESjdLbszaCT5ZjvOpaKr%2BHCBsusC6p2DCzmE5lJo9YEiM8SeIyfbaLADaHeUeF7inEowOSS6FCz6dBtfQprPA%3D%3D"}]}
x-amz-request-id
79B470CF8D1DF791
cache-control
max-age=14400
cf-request-id
08c006d24b00004e143cb70000000001
accept-ranges
bytes
content-type
application/javascript
jquery-1.11.3.min.js
www.botasot.info/public/botasot/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/js/jquery-1.11.3.min.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1534
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d17900004e080c168000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-176d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n9SOW46onCHKCtv8Kv%2BrJeh0Xfzw85tBIS0P7lPFm3wy%2F30PIH5bvdc4%2FBEBPO8KkZNTgZ4vkEBUZsUToHlyFrysYDojD0WMeqXUVvL%2BudIdje3A42JZJoXgxU3K"}]}
content-type
application/x-javascript
cache-control
max-age=18000
cf-ray
62e040c8ce454e08-FRA
logo-ai.svg
www.botasot.info/public/botasot/repository/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/public/botasot/repository/logo-ai.svg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9270d88b8b4b22529e5f933bd9e0b9cdecd6086546f8152d39b0b98495aa4dfd

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1955591
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d25a00004e085096f000000001
pragma
public
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-2084"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jUe8gDc2Gpk6Qqq4I55x9sgFmOUE%2FVfNMdXUI6%2BiWr0P6kAtkxB3J5VD7LZ4hhuAh1d1SkgY9TcH35k6CKPHVGaagt%2BwRFvi1bLSiGwqyCDya8ignxH9YKZMBaj%2B"}]}
content-type
image/svg+xml
cache-control
public, max-age=2592000
cf-ray
62e040ca2f754e08-FRA
expires
Thu, 18 Mar 2021 08:04:59 GMT
asyncjs.php
ads.botasot.info/ads/www/delivery/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.botasot.info/ads/www/delivery/asyncjs.php
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba103cb03a9334225b48cd88660f435d2f646d83b8cb085632b064b2e7118138

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expire
Thu, 11 Mar 2021 00:16:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L%2FcgUCLymo6nUqtNmlh9ySLdRxJzg6mwoqlGUaQZoT9Bw8KwrhEAQ5vBPlE6qxf3OteLJ5wn9XF5qfnBb7WmkLfSg2QWeQ5pp19vjAvL5f3ZXmIgWGSlOQeFNx3k"}]}
content-type
text/javascript;charset=UTF-8
cache-control
private, max-age=3600
cf-ray
62e040ca4f914e08-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d26f00004e08492e1000000001
lazy-sm.jpg
www.botasot.info/public/botasot/images/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/public/botasot/images/lazy-sm.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239b64535117a219ab49ae6d00c106096db2c5ca5ff395c3271377b45ec0f0e7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d28700004e0852a31000000001
pragma
private
last-modified
Mon, 03 Dec 2018 10:27:12 GMT
server
cloudflare
etag
W/"5c050500-2ffc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qXtDhBh%2BKTVVTbHhriz7GC5QFc1lkEMpt5dtSCbMNTmdAeDoQvTN6iCkx284Lj8up%2FN6wexaWAwEwX%2Br5nFGKnW3xLFC7oPqaQ1FDKHQ1O915tb%2Frcje%2BhenHCKH"}]}
content-type
image/jpeg
cache-control
max-age=3600, private
cf-ray
62e040ca7fb64e08-FRA
expires
Thu, 11 Mar 2021 00:18:22 GMT
s.js
waust.at/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/s.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0298a25db873588e37945ece2b90e9f573dda86bfc84ae9f3efb8c3fbdcbce84

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3064
cf-request-id
08c006d2ad00004ac888b73000000001
last-modified
Tue, 23 Feb 2021 15:47:16 GMT
server
cloudflare
etag
W/"60352384-1ed7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R8UCMb9csQmidO8puku6T7mgYydoIoMUUsvGyI1l5y18J39fkPq3LhPYDsymIvczwdGoocWVlcskvdRQnNwmSdsYht%2FvP1CN5H2JAB8lE5hMCsdvxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
62e040caa8f14ac8-FRA
expires
Thu, 11 Mar 2021 22:25:46 GMT
modernizr.custom.js
www.botasot.info/public/botasot/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/js/modernizr.custom.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb68960e30e3c41098358c8ec722922bed6361ab8752d41a16a139daef27aa8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2987
cf-polished
origSize=8496
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d19500004e083615a000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-2130"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PIAyw7GUDxXXBqJ%2B8Jr4pHbPVct0uBz1ZKMoAhftrAjjpkbTpe2lQqhQJ0pFOs9lS11Dur7tfBoqaVE2NG0RtDWypWCnUgMVdBdXXp60XrpEgf%2FaAWsQjOfIh4oo"}]}
content-type
application/x-javascript
cache-control
max-age=18000
cf-ray
62e040c8ee6c4e08-FRA
cf-bgj
minify
jquery.easing.1.3.js
www.botasot.info/public/botasot/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/js/jquery.easing.1.3.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2988
cf-polished
origSize=8097
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d1a400004e0803154000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-1fa1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y7R3MU5vve9sVVcaUvSxmvH6GC3xpFNmnK500uvLDxbE3wrPxV4%2BzqnI741zdL8GYjpZrjaFRp9pGio9zHWeCxLBiNNkPdI4RoKzPKQB%2FgkagFYVqhNn69KM%2By98"}]}
content-type
application/x-javascript
cache-control
max-age=18000
cf-ray
62e040c90e834e08-FRA
cf-bgj
minify
classie.js
www.botasot.info/public/botasot/js/ 		1 KB
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/js/classie.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4694a75326748110e9cd6b60b8c9c2798452b507f6a5dc69b309b8f57e2a52d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2988
cf-polished
origSize=1954
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d1b200004e0870a2f000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-7a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FU2PAVUFk0xYsmiQozlbbNQycaWL335lF1jRLQ2DbJaLmLM0IRbHQsc8%2BZ7dLJs7a4x5E0OxmOoNx9JJttsvP5%2FVtdbY%2BE4vciimBboPKlor%2BvYRi5RC%2FvlYG9dO"}]}
content-type
application/x-javascript
cache-control
max-age=18000
cf-ray
62e040c91e944e08-FRA
cf-bgj
minify
scripts.js
www.botasot.info/public/botasot/js/ 		2 KB
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/js/scripts.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
301bb142036db876adfd7ed658d27d7e9921e71f325713f40786ba1cc0ba116f

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2987
cf-polished
origSize=2031
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d1bf00004e0820819000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-7ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WuD5XRbYSMxiQgw6%2F0YD0UcdqJ2X2UQfxvhNj3MimEq3mpGifwOTiyPcU2eZe2E08%2BWGCcvPhmarMvK%2FNg9ncwRDSDr0Yx9j9RlfEfQYd%2BM0qxsQ7CIKZnlJKk9N"}]}
content-type
application/x-javascript
cache-control
max-age=18000
cf-ray
62e040c92eaa4e08-FRA
cf-bgj
minify
bootstrap.min.js
www.botasot.info/public/botasot/plugins/bootstrap/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/plugins/bootstrap/js/bootstrap.min.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7490e5a0147240fe0200301364b0c0a0757ec345a4889d63bc03406002075b23

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2987
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d1cb00004e085b005000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-90f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LA3cH9BscxwKUAbv5%2BN7iNjNOJoWCiigb%2BGkeFe4iOBWFG0BfH798Fuj3jl8PknMoSp%2FScM8mpTp75DH%2Fgr3Cpe3bGUdYTyMi1ndxHTmYHKVlo8BZwfSmnvi6IW1"}]}
content-type
application/x-javascript
cache-control
max-age=18000
cf-ray
62e040c94ec14e08-FRA
jquery.bxslider.js
www.botasot.info/public/botasot/plugins/bxslider/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/plugins/bxslider/jquery.bxslider.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f89d277fc4268fd297170563e53c2ee1109e7beb9603b80eb30bc405879b67

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2987
cf-polished
origSize=50573
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d1d900004e0870057000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-c58d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TP7YfuoG%2BxDl9jxAjmr6EZPvLijuM9d%2BbyMmy0xjXEbBQPLuftmMtPPuyDVdY9%2BZGOYnBU4JyeOcrKPOPejAlmUpE3nriIfqe62%2BaFma3HMMpT5NtUh2D%2BKZ%2BpeY"}]}
content-type
application/x-javascript
cache-control
max-age=18000
cf-ray
62e040c95ece4e08-FRA
cf-bgj
minify
lightbox.min.js
www.botasot.info/public/botasot/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/js/lightbox.min.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f36de4455b10ca52ae3e585dc4cafd63851715da1ae3e4b2439f66ac045ebfd

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2987
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d1ea00004e085d37a000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-2128"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2M49JhaxKJbUZC6064WdF3POO1rstlNGPPkkC24jwH6Ppb9JzwQyPMrM7JuysQ41gahIpkJ3wf%2BWxnqxZeXH1KdFx2T16WCx%2BvNQX18Yzbb7E1rQTBjBK7xoeMP9"}]}
content-type
application/x-javascript
cache-control
max-age=18000
cf-ray
62e040c97ee24e08-FRA
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4228
date
Wed, 10 Mar 2021 22:06:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Thu, 11 Mar 2021 00:06:22 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-106.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Sep 2020 00:34:48 GMT
Via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
14078524
ETag
"96c08723796affab377d9bb08d631cd0"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
max-age=26920000
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
4264
X-Amz-Cf-Id
8QQiHPHRkJKB8VwnfeB58KZ0xdwZM_-gnI3smiotYYz8Eu0YmtaBHg==
choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9358f222ba40b683e83f1705f68d251bf6002d597f38707e59abef418d6dfc37

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
etag
W/"ba5d12764ba6d8c6ecc9135d06608e70"
last-modified
Tue, 22 Dec 2020 18:58:46 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-id
WO75lCcHDZ0fkW3Uh3sZaR3nJ5x3P7KXzCTJIkL-orq30lITEa4_GA==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b941c541a9367e056a1a9ecb6f8f33b8bc6f7dbc62647adfcd7e442cfe3111bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OM95FcJlx4s/z6PCPHtNUw==
cross-origin-resource-policy
cross-origin
expires
Wed, 10 Mar 2021 23:22:41 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1782
x-fb-rlafr
0
x-fb-debug
4kxZAFp8JrbEU3xrim0NMilC86jPVC3GlALkFEEVLrFxvrUOi7Y+WA5sOetvYUj3Z3fv9mmTK3J1Utw/emgLFw==
x-fb-trip-id
917726464
x-fb-content-md5
d81abb6ba3aef28b8e3d5949e5a01e4e
date
Wed, 10 Mar 2021 23:16:50 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"31a92f28244cfe36236d502878569771"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
hamb1.svg
www.botasot.info/public/botasot/repository/ 		645 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/public/botasot/repository/hamb1.svg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/public/botasot/css/style.css?v=1615418242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be131a40cea72d4107c660ba2a8a1edf42e076df8d264785d5376a15589f762e

Request headers

Referer
https://www.botasot.info/public/botasot/css/style.css?v=1615418242
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1955591
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d2ad00004e081e15d000000001
pragma
public
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-285"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E8ikc5tNfTZFCHFH4sKilMBlTaHrsxX%2BelIhbBOCtGJZ2kpqIWX2V8g6WCIMm4WTJB%2BDcuFxXyM80N2bGfWr%2F1EaA2IzZd3846vywbqs6OWk0MlHXHDocs4Vzvjl"}]}
content-type
image/svg+xml
cache-control
public, max-age=2592000
cf-ray
62e040caaffe4e08-FRA
expires
Thu, 18 Mar 2021 08:04:59 GMT
fontawesome-webfont.woff2
www.botasot.info/public/botasot/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.botasot.info/public/botasot/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/public/botasot/css/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Origin
https://www.botasot.info
Referer
https://www.botasot.info/public/botasot/css/font-awesome.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2979
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d2ad00004e08101a3000000001
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gjIZsosjI3YAb9LHrThaqjI%2FQ69V5a1VwCMmtPwnHNFwC0oJrI4sV7Lua7Wg7xACjwCNhlKNvIPHrvgAau88gkwMHwCq6VnDYoLfZVFOlxVI%2FezHpWbzqjE%2BP%2F4C"}]}
content-type
text/plain
cache-control
max-age=18000
cf-ray
62e040caa8024e08-FRA
projectagora.min.js
aghtag.tech/libs/ 		374 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aghtag.tech/libs/projectagora.min.js
Requested by
Host: pahtag.tech
URL: https://pahtag.tech/c/botasot.info.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d24c262d9ee1f342e6d4d28edf9c039d897a2b7c0385192dac5d6dfae46e53b0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3080
cf-ray
62e040caeb6c4d89-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111546
x-amz-id-2
9h+KBZdCRyiLKkL2wB/cO7s7DnCm+9vxPjJUmHDrd5xRabQT8zAzVOmSUUNlAUchaTUeZ+2LqPI=
last-modified
Mon, 08 Mar 2021 15:18:39 GMT
server
cloudflare
etag
"4db1441f1c7b7c48749f52d7d760afcc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MjEDAWfYYzxa67MsBNV6AC5TbTyCDpOu6XXqJB6lhOuX%2Bi79g%2BhUr%2F%2BHtXrWizR%2Fg%2F1gKBxVEBE3x3nR6tKnRfin%2F5h4WBmdNEOWfWFEU2jCj4wodoiyrw%3D%3D"}],"max_age":604800}
x-amz-request-id
B6353BE0605B1977
cache-control
max-age=14400
cf-request-id
08c006d2d000004d89c89c3000000001
accept-ranges
bytes
content-type
application/javascript
ajs.php
ads.botasot.info/ads/www/delivery/ 		657 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.botasot.info/ads/www/delivery/ajs.php?zoneid=135&cb=6406245740&charset=UTF-8&loc=https%3A//www.botasot.info/&mmm_fo=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1edc8d96bc4b6a9795005ca9e7e2bcc72d337686c52e54f374269279e3d5be5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d2bf00004e085c05d000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DNvnIprS3%2BYxm6fiDJMF4vwINTbVZ0UaYCzxMAVtv48EWm519QsW%2Ft9WNntbOKrcdLyUKGa6znWSXjdBILYChBh9ZIGf6gm76i4eJCwZCQIAQath5%2BpqoLtdsfov"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cac8154e08-FRA
expires
0
sdk.js
connect.facebook.net/en_US/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=77261e79ed398a5c647b1185462752bd&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
692596e11ca1bacbeb79236fc8a02044cdb21472bdc49342ad01e9edf18132f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.botasot.info
Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
qWw2jvEkyKvGEuu1M/Vexw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60547
x-fb-rlafr
0
x-fb-debug
L2eQXYbG/t5bK4DuCGKaJJ/kr2o4v/qv1+quKb6XkQ9Xicgjif4GKknG6EbFsNKwgZuNJDsXfnHbowytSImK6A==
x-fb-trip-id
917726464
x-fb-content-md5
a3638d13f35c145103d8a6fbf32fabb1
x-frame-options
DENY
date
Wed, 10 Mar 2021 23:16:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"c5da4452ef12ee0258ff7cd4f91297a8"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 10 Mar 2022 22:20:14 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=239860280&utmhn=www.botasot.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Bot...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35000153-1&cid=843605949.1615418211&jid=1724650820&_v=5.7.2dc&z=239860280
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35000153-1&cid=843605949.1615418211&jid=1724650820&_v=5.7.2dc&z=239860280&slf_rd=1&random=1067807114
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35000153-1&cid=843605949.1615418211&jid=1724650820&_v=5.7.2dc&z=239860280&slf_rd=1&random=1067807114
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35000153-1&cid=843605949.1615418211&jid=1724650820&_v=5.7.2dc&z=239860280&slf_rd=1&random=1067807114
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/23/ 		266 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 10 Mar 2021 23:16:06 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 15:09:37 GMT
server
AmazonS3
age
46
etag
W/"1d55b13d85c9837da884d1e8594cc025"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
Pp-nw6mqPsmUZMSY8g0IVbtPmPR1714jkemKf8Q7dQI7IxIJsN3VMw==
/
ads.projectagoraservices.com/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5233
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/ajs.php?zoneid=135&cb=6406245740&charset=UTF-8&loc=https%3A//www.botasot.info/&mmm_fo=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e25a5c0e87c932a23bcaeeea3b3251b2c1b35427acb783cc72e8fb61e71139e7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4210
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=665&campaignid=1&zoneid=135&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=21cec316d0
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/ajs.php?zoneid=135&cb=6406245740&charset=UTF-8&loc=https%3A//www.botasot.info/&mmm_fo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d2e500004e0874864000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hetRztndiEdr9xNgUUa75rL9C%2BUh3XmjjqphR6UIG7nWd3B882mDry8U38OZq50KwxVHW6ejEPfJ2UZFn6Prht%2Fl2hhEDUXbKXCf6MV56%2FjRrYJXdmql400FxIEr"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cb08454e08-FRA
expires
0
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Bota%20Sot&time=1615418211091&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.botasot.info%2F&random_number=20794092803&sess_cookie=864955191781e6dbb1219cb885c&sess_cookie_flag=1&user_cookie=864955191781e6dbb1219cb885c&user_cookie_flag=1&dynamic=true&domain=botasot.info&account=muiwj1aEsk00WY&jsv=20130128&user_lang=en-US
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 04:11:03 GMT
Via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
68749
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
PRG50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
U8T19LvPYYqfBlv-hC-0f-VLoL2nQxzDsO3w9NXa-0CIoFkb5vvBqQ==
prebid.js
projectagora.net/libs/prebidv3/ 		340 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2NI1ICcFAu05hlm5Y1UjAitS2iq3I%2F9%2BphAnSyzLvBBI2k8Qm8IrVIs%2BEa5U3YB%2BImvOTu%2FfTaxoWdgQGUecmCZGo6Wf70wSYUdyhyR%2BgjRP3lfhzn7bkr7c6wak"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d3560000dfdbed2f2000000001
cf-ray
62e040cbbc35dfdb-FRA
ajs.php
ads.botasot.info/ads/www/delivery/ 		625 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.botasot.info/ads/www/delivery/ajs.php?zoneid=141&cb=83484054546&charset=UTF-8&loc=https%3A//www.botasot.info/&mmm_fo=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db26db399dc0fe49ae159e3c98e2ddb30f0f0ba3a5e78232a00b35078033cf88

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d34d00004e081c112000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VHU9spHqT7LcTg2J8co8qWwvYc8RqKEutwmisfMxMiHzAFh3toXQkI%2FuNdWpchCJDULFRfHZTygfBW%2B5qlY5saz1wqXmE8foTK0t2FkavXGJoYZWi4omjxHBeyOr"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cba8e54e08-FRA
expires
0
apora2.svg
www.botasot.info/public/botasot/repository/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/public/botasot/repository/apora2.svg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/public/botasot/css/style.css?v=1615418242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219debf4d0ace9615e622c1408e90b921fbce45af77014abe02d35d4b6f2ac9c

Request headers

Referer
https://www.botasot.info/public/botasot/css/style.css?v=1615418242
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2061032
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d34f00004e08070d6000000001
pragma
public
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-698"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sOL1ZzDOwSMqCS39FEV2JQeMyJcRO%2BFNgjq%2BU9OgDlcAIpCmvXX6VcpDkY0OF7YJAG9wKn%2BJBuBCpUhPiWoMvkaQQ71Wp7J9fmd7xwjsi6btY%2BZq%2FSu%2BAAv3CkdL"}]}
content-type
image/svg+xml
cache-control
public, max-age=2592000
cf-ray
62e040cbb8ee4e08-FRA
expires
Wed, 17 Mar 2021 02:47:38 GMT
play-big.svg
www.botasot.info/public/botasot/repository/ 		791 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/public/botasot/repository/play-big.svg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/public/botasot/css/style.css?v=1615418242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6b4ae1b4a0567db278f891768b8f707e8832d3f0711dac4a22467d4b911653

Request headers

Referer
https://www.botasot.info/public/botasot/css/style.css?v=1615418242
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
238208
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d35000004e086816d000000001
pragma
public
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-317"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3De9JF47V7%2FqSDH7A0zkjS65AGw4AxPgRjKRG0hVNrCmCDkAlCIxcXQ69raweG1j2ru%2Fj1qqDTLN7ZyCD8djanFp63GiVAerxXGj9pDS8wen5q5zVGOX%2F49WCtDA"}]}
content-type
image/svg+xml
cache-control
public, max-age=2592000
cf-ray
62e040cbb8f04e08-FRA
expires
Wed, 07 Apr 2021 05:08:13 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=3
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/ajs.php?zoneid=141&cb=83484054546&charset=UTF-8&loc=https%3A//www.botasot.info/&mmm_fo=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2158
expires
Fri, 09 Apr 2021 23:16:43 GMT
requestform.js
ads.themoneytizer.com/s/ 		130 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/ajs.php?zoneid=141&cb=83484054546&charset=UTF-8&loc=https%3A//www.botasot.info/&mmm_fo=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
e1365e2772793da87f3376ab15ab21637278c51bfd91e62af652749451be2d7c

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16195
expires
Fri, 09 Apr 2021 23:16:30 GMT
lg.php
ads.botasot.info/ads/www/delivery/ 		43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=674&campaignid=1&zoneid=141&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=eafd7c6479
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/ajs.php?zoneid=141&cb=83484054546&charset=UTF-8&loc=https%3A//www.botasot.info/&mmm_fo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d37300004e085c064000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tkbzS8l2VSR%2BeBRLVfQ0VoUgC93CQsRlKiO2xtkvx0crP9hYecqUrQMALoAFk3I7xiAPIMmSCwSVY3IP%2FCN5K2dgooR8%2BrxbvgaRxXtfYE2albdd3hWN7o5pg0iW"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cbe9254e08-FRA
expires
0
/
g.themoneytizer.net/g/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6ac9f04ec51bb2e5cb71fcac82999a19352b0f8ca1844f9ead2a1eb25cba1ce

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2021 09:55:48 GMT
Server
AkamaiNetStorage
ETag
"e6a775016908fad29cd9910ec06e46c5:1615283753.11686"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9976

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 10 Mar 2021 23:16:50 GMT
content-length
0
moneybile.js
ads.themoneytizer.com/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16267
expires
Fri, 09 Apr 2021 23:16:29 GMT
sync
gum.criteo.com/ 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 10 Mar 2021 23:16:51 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1295
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Last-Modified
Thu, 07 Jan 2021 10:51:28 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
D98ACF8C:E606_91EFC0A6:01BB_60495363_14CE5FEC:423F
ETag
"5ff6e7b0-e7c"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3708
/
onetag-sys.com/usync/ Frame 723F 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211273
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1615418211273
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 1EEF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e860d8f28cd864858d89399ff7fe3badac2448245c8db4b196151417b5e3bc6

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-type
text/html
set-cookie
__cfduid=df0eb3fe754fe908badbe1595373af5d61615418211; expires=Fri, 09-Apr-21 23:16:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=d52e71b6-7865-4691-51fa-468f255a2381; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%F9%ED.%1EyM%8F%2B%E2%21w%19%A4%B2%EA%14%7D%C7%AA%13%D8%EF%8D%E9%AA-%3E%CD%93%B1%D2%A0f%12.%D2%A7%3BhL%FD%BE5J%A7%D2%5C%E6U+P%B9%8F%F3%C74%01%3E%EC%82H%C6%EE+%B7%A4%DD%DF%04%BC%08%11%DEHxeX%FC%F0%C3%86%99%EAA%5D%BF%7DG%99%138t%03%E7%28%FD%D0%91%06nj%B8%CF%04%8A; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.botasot.info
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006d3e200004a7a55a72000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040cc9d604a7a-FRA
content-encoding
br
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Mar 2021 23:16:51 GMT
px.js
p.cpx.to/p/12761/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12761/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a1ea2ff7361d6f98b5acfb3b6f3cd3e4935996dc568106d16f52fd6d6b33fe54

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1631
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-15.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 21:38:10 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
5922
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
ffn4Ic4W1cneFZYGSctw4VlnVWXSQGnmq6AbNvzgtXxGfLIV_Il-nA==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 22:26:09 GMT
Server
Apache
ETag
"76419a-925a-5bd362755dd96"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=593
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12743
Expires
Wed, 10 Mar 2021 23:26:44 GMT
prebid.js
ads.themoneytizer.com/moneybid4_29/build/dist/ 		517 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid4_29/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
70eb32f35222dc3e549f646158d244c9341feda31e7f9008db36db5be8a77eb5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 17:03:46 GMT
server
nginx
etag
"23752-8123e-5bca4d58cc7d0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
165220
expires
Fri, 09 Apr 2021 23:16:08 GMT
ajs.php
ads.botasot.info/ads/www/delivery/ 		909 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.botasot.info/ads/www/delivery/ajs.php?zoneid=15&cb=77500344674&charset=UTF-8&loc=https%3A//www.botasot.info/&mmm_fo=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ced9a035952a53cd86c6f07671da4ebaa97c8c63f32b8d0e2d49d8a2159c4d5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d3d400004e0843854000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HNh57mwFmkWCAnTaZBipih151MNSPaeXjam6648m%2BHXB0cg9VoErPd5xghpusIGPnxwRzl%2BRlTlL%2FbpWceX8F0frIot9nh2sOivP2ldTi68XJMq4SnKA%2BebC8SgM"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cc89b54e08-FRA
expires
0
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:29:05 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2867
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Ov1oAX9qGjPpOIq1aEVPjFsWjt2E05YFv_72lEwO5tJgcuKROuwY8Q==
botasot.info.1079095.js
jsc.mgid.com/b/o/ 		242 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/b/o/botasot.info.1079095.js
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/ajs.php?zoneid=15&cb=77500344674&charset=UTF-8&loc=https%3A//www.botasot.info/&mmm_fo=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84281dba226336e91720304f2f1b549d276711fc42b472d1fcead7d917b59978

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
age
3710
cf-polished
origSize=248036
last-modified
Tue, 02 Mar 2021 13:20:51 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7VDFZ78K6RQ4BRHH
x-amz-id-2
1XaJt10HCmWgtV+SMiA7LlKhEu0meJ5IoQg7evjuR3p3POAKt3fYYznwlryV98GH3rjjIglPVkU=
cf-bgj
minify
server
cloudflare
etag
W/"7a60224e4b45fbf23da2798d3b91a710"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
08c006d41f0000edaf94b93000000001
cf-ray
62e040ccfe28edaf-CDG
expires
Thu, 11 Mar 2021 02:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=723&campaignid=1&zoneid=15&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=5392d03cbf
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d3ee00004e0846336000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4ve3btDKCFU4Tl%2FDFUkOGPqAxN3xwpicRaRcT5upgnYKavCie7C3VDDSI9Qzw0bLKaWq0IX6d5%2BLIu%2Fv4a2ujj1xih8OpyVv00F%2FzUl4oDuwv5WuBBAtU30PmGUG"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ccb9d34e08-FRA
expires
0
iframe_api
www.youtube.com/ 		810 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a88cc7da1973bf847e3740685fc737b04d4bb5b5ab78c8158ac66adc3cd56391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:16:51 GMT
9F-ijnSdWwE
www.youtube.com/embed/ Frame 1E92 		49 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d7462bf7920653ebef7ac1315a674ccfd189322b81e011934ff3c67ecfe6e1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 10 Mar 2021 23:16:51 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=XI6q-TEuvr4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=3_P3wMZ8MFg; Domain=.youtube.com; Expires=Mon, 06-Sep-2021 23:16:51 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+196; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rxgNYXR3a94
www.youtube.com/embed/ Frame 1ACC 		49 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
628da314d68f94d5703d448fca8b9b497e57c97cbb4a98bfbc0b190a4f61540f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 10 Mar 2021 23:16:51 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=4GKxB9IRhIA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=bxfC3b6_Itg; Domain=.youtube.com; Expires=Mon, 06-Sep-2021 23:16:51 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+610; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4gEeW7D-q48
www.youtube.com/embed/ Frame C449 		49 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9096e54950e352d4210472791024dd06a17f4f4fe20db81a006cc30cab26237a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 10 Mar 2021 23:16:51 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=rCqvi9xkLdE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=9PKOsCg5iDw; Domain=.youtube.com; Expires=Mon, 06-Sep-2021 23:16:51 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+442; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Y0MFQiVVmH4
www.youtube.com/embed/ Frame 7CAD 		49 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3685b4beda580238eeb2402193811f88e85ab6b97c3f397ccb54d2b2d959c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 10 Mar 2021 23:16:51 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=qdUEVDjnvf0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=FfFzLqc0eHg; Domain=.youtube.com; Expires=Mon, 06-Sep-2021 23:16:51 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+256; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prev.png
www.botasot.info/public/botasot/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/public/botasot/images/prev.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/public/botasot/css/lightbox.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

Referer
https://www.botasot.info/public/botasot/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d44000004e085b01f000000001
pragma
private
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-550"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=obqznxNXf1C9gsszE%2FY4rUUNtv0yvRkX8yftS5gG1z7MI9rnQwCnTYUZLYOhf6heWtKpIHyLlq4f7vZYAHePEBqYGqzC%2BSXZU3oaDGjTank7FbZ%2B7LayFVG7lqib"}]}
content-type
image/png
cache-control
max-age=3600, private
cf-ray
62e040cd3a444e08-FRA
expires
Thu, 11 Mar 2021 00:18:22 GMT
next.png
www.botasot.info/public/botasot/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/public/botasot/images/next.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/public/botasot/css/lightbox.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

Referer
https://www.botasot.info/public/botasot/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d44000004e0850982000000001
pragma
private
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-546"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fWKRVQCSH0Llp%2FemEKT%2B6NR%2BxCF%2BcvQuRkcky%2FtyKt283cRsZTDA8ZvNni6ZkHtMPQdCMS33C5PIdqWtGTwS0a9r3BYXMsaIviJ4RlG3leP%2BpI5lMKjkCzwsExrW"}]}
content-type
image/png
cache-control
max-age=3600, private
cf-ray
62e040cd3a454e08-FRA
expires
Thu, 11 Mar 2021 00:18:22 GMT
loading.gif
www.botasot.info/public/botasot/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/public/botasot/images/loading.gif
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/public/botasot/css/lightbox.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

Referer
https://www.botasot.info/public/botasot/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d44000004e081e16c000000001
pragma
private
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-211c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wmxVaYnt2oaRRBh0DjBOKdKIqOS2uI2oktby7q4JczKGn%2B9mETLZBe92s%2Fz9Rg%2Bo99AqvnmjxsV4Z21y1BGmlN3MPVfjwjoXba7ops5gAfCNMlI%2FZ4yy0u5q57hL"}]}
content-type
image/gif
cache-control
max-age=3600, private
cf-ray
62e040cd3a464e08-FRA
expires
Thu, 11 Mar 2021 00:18:22 GMT
close.png
www.botasot.info/public/botasot/images/ 		280 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/public/botasot/images/close.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/public/botasot/css/lightbox.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Referer
https://www.botasot.info/public/botasot/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d44000004e083e160000000001
pragma
private
last-modified
Mon, 26 Nov 2018 12:42:28 GMT
server
cloudflare
etag
W/"5bfbea34-118"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9HvMboiGgOsoJTXV3156ZdZVLJ1fsjE7bDBELIBqzIuUYST%2FCAaIIKayT52seMbZ93ZAWk%2BSpfzHUQRzo%2F9bASawk37N6koFCeyzN8C6hPItXl50oBrcp8CsoRI%2B"}]}
content-type
image/png
cache-control
max-age=3600, private
cf-ray
62e040cd3a474e08-FRA
expires
Thu, 11 Mar 2021 00:18:22 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@10.19.0/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@10.19.0/dist/lazyload.min.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
adf03f7ab87622faa77b4d12f97ff80466377950b805021a07a8c11804ceac14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2506654
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
2168
etag
W/"157d-7oSTFmgFjdrwSUlzDWmBH9iMXEY"
x-served-by
cache-fra19153-FRA, cache-hhn4031-HHN
date
Wed, 10 Mar 2021 23:16:51 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
asyncspc.php
ads.botasot.info/ads/www/delivery/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.botasot.info/ads/www/delivery/asyncspc.php?zones=3%7C25%7C26%7C96%7C127%7C161%7C169%7C84%7C97%7C85%7C98%7C16%7C86%7C99%7C17%7C87%7C100%7C18%7C88%7C101%7C19%7C89%7C102%7C20%7C90%7C103%7C21%7C91%7C159&prefix=revive-0-&loc=https%3A%2F%2Fwww.botasot.info%2F
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8201caf2a28bcbce0d47a0bc762313477c02f1b7970a9f177a9bb29594186068

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d44500004e08583a0000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dBf2wVEOf5ncxfYFrKwxzy8Dh4g13gXFZV%2Buiq2gOj3KfRIAP7WxLCOchsHuPQB%2FqRjF%2BVnEYJDVF2F0mr9jSDthAPzs6cgQF%2BtTh%2BJ1MXqbwCof%2FfchNuqQTlaC"}]}
content-type
application/json
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040cd3a4d4e08-FRA
expires
0
like.php
www.facebook.com/v2.6/plugins/ Frame 5818 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df274cb7355266e%26domain%3Dwww.botasot.info%26origin%3Dhttps%253A%252F%252Fwww.botasot.info%252Ff711a0b6122dfc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbotasot.net%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=77261e79ed398a5c647b1185462752bd&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3c1c5e41a5a4223171e7d8facaf90299cf4069228d5870b15d901f09ef8b3617
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.6/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df274cb7355266e%26domain%3Dwww.botasot.info%26origin%3Dhttps%253A%252F%252Fwww.botasot.info%252Ff711a0b6122dfc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbotasot.net%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
UfkxZawPrwyUljOIx3MdxNsn1jN+X/njBc3pGpZviZlDG2TYKGBc1fgCVpyqCtLcvV6PXz/EUYOKchkfHvfWuA==
date
Wed, 10 Mar 2021 23:16:51 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
8.gif
id5-sync.com/c/12/103/2/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp...
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent=
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/5/5.gif?puid=714ae15d-1dc7-4b08-8208-d979845f1a31&gdpr=1&gdpr_consent=
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1441152202336771100&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/112/3/7.gif?puid=B9174A32A1C02B3D&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent=
0
0
www-widgetapi.js
www.youtube.com/s/player/d91669a4/www-widgetapi.vflset/ 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2d0c281519e31954278ba8946fa818eaeb68051112d3b030b9af11062df26fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 23:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
86562
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38484
x-xss-protection
0
expires
Wed, 09 Mar 2022 23:14:09 GMT
/
whos.amung.us/pingjs/ 		31 B
147 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=aou36xaxbe&t=Bota%20Sot&c=s&x=https%3A%2F%2Fwww.botasot.info%2F&y=&a=0&d=0.775&v=27&r=6362
Requested by
Host: waust.at
URL: https://waust.at/s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.94 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
d1dc781bf69f07ae034540172fe72e293e812e9e7e90cf9b6d06ed84e38dc4da

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
/
ads.projectagoraservices.com/ Frame 6961 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5234
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bee6da40901df475d7b151e72dda4efb2ba0eea2c9c2c42ccf0ed0d4a5cdd0de

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4176
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 6961 		43 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=589&campaignid=1&zoneid=25&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=49d5f7727c
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d49d00004e08492f8000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O2m8zVrtZzS1LqNqA77tzK2%2FVnCL0KoV0YOKFaLVW9CgecCbAIGH0JuWFNaCKoqthY2r0olV6SYf0Y6ia5TzVOOtga0nwosiYwZCcMwdWYne0v1UPMr7xAsck%2FzO"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cdcaf54e08-FRA
expires
0
/
ads.projectagoraservices.com/ Frame 919C 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5236
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d56aaf51b18e1d9c7522f9b823d2d367bd9181a7432046e23973fa9de40b9a16

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4222
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 919C 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=594&campaignid=1&zoneid=26&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=221c59708f
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d49e00004e0870a4d000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xZGWyI6k0Xe3DexX7WJ0RpClTkmJgoF9gxhXvUBaZTaaU6qHqd6ez3pkkIr2CwuQZWx8hGCDfJxHeC1LYaE7IaekKDlaa%2F755KTv%2FL4xFKDC4OoTSeaNvsiAJL7t"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cdcafd4e08-FRA
expires
0
gen.js
ads.themoneytizer.com/s/ Frame 7BA8 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2158
expires
Fri, 09 Apr 2021 23:16:34 GMT
requestform.js
ads.themoneytizer.com/s/ Frame 7BA8 		130 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
918d9d12712d5fe836e08ca6218dce1b5ae5be69be8df96b37016da582d4cbe4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16187
expires
Fri, 09 Apr 2021 23:16:30 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 7BA8 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=695&campaignid=1&zoneid=96&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=2124df9148
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4a100004e083f2a3000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O2VqbNdqsYggn%2Boojby426D%2FmOg3q0NyCjnpOs13seJHtW8C6UQksPccqSBg1KeHj015AzfcDaMamadnB8WoYYTDPuxTNzB9ACWXDZA9kzoEArfms28wqQo0G7DS"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cdcb004e08-FRA
expires
0
gen.js
ads.themoneytizer.com/s/ Frame EC81 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2158
expires
Fri, 09 Apr 2021 23:16:11 GMT
requestform.js
ads.themoneytizer.com/s/ Frame EC81 		130 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
6c649b4d842cdb6275335ebff6b2668e03f21fd1aaad4d550ea22b78ebe7549b

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16183
expires
Fri, 09 Apr 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame EC81 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=678&campaignid=1&zoneid=127&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=ef25ad9b9d
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4a500004e08101b9000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zdufY0RQWsripyC4dxM8kXHC%2F%2FbyvDmQNRxV72YyiWzRC9hug609pMVfR%2Bu1fVRcdepJ%2BsadmMRzo1YQ0%2FkG9aKUpwQmh9UzVGzaeVQiUGNcxJwUNhj1nkyrXDMS"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cddb044e08-FRA
expires
0
botasot.info.283092.js
jsc.mgid.com/b/o/ Frame 66DE 		264 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87dac8b01a3e716ce5f520e7df3d370fbfe877d75a62df87f91f22082df22d67

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2431
cf-polished
origSize=270101
last-modified
Tue, 09 Mar 2021 08:25:17 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
QKW3C4A7HJA366AZ
x-amz-id-2
IgIahwJCbNIhXc94QlXUYjYl1y+M5BmXL+PorFvoHoydgwH+eYmItT5L+WcHKp1vhuGFe9xDm9I=
cf-bgj
minify
server
cloudflare
etag
W/"7db1e302bad6dd82bed69deca9a7837f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
08c006d4ad0000edaf95082000000001
cf-ray
62e040cdef47edaf-CDG
expires
Thu, 11 Mar 2021 02:16:51 GMT
botasot.info.94395.js
jsc.mgid.com/b/o/ Frame C6F8 		246 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/b/o/botasot.info.94395.js
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3589a90389479a14daea0ab821b2e7702fcdeb15d7f1165867fe221b3b1e620e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
age
4664
cf-polished
origSize=251993
last-modified
Thu, 04 Mar 2021 13:25:22 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
N02SKEK08CPEDNGT
x-amz-id-2
u4GGNz5uiIERe3474/90ejUCfcXVTDzMK9qhYVOmyOBtsyrcX7rRex0fj7fd+X0trq6SAwFw8Yc=
cf-bgj
minify
server
cloudflare
etag
W/"206d9b022b554f7c3e3ade95b3ebc957"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
08c006d4af0000edafd0895000000001
cf-ray
62e040cdef4fedaf-CDG
expires
Thu, 11 Mar 2021 02:16:51 GMT
gen.js
ads.themoneytizer.com/s/ Frame 827E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2158
expires
Fri, 09 Apr 2021 23:16:34 GMT
requestform.js
ads.themoneytizer.com/s/ Frame 827E 		130 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
918d9d12712d5fe836e08ca6218dce1b5ae5be69be8df96b37016da582d4cbe4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16187
expires
Fri, 09 Apr 2021 23:16:30 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 827E 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=695&campaignid=1&zoneid=84&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=1ebc081752
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4ae00004e086f0fa000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EcH19Ss5EvAnRa9sf4BynewxTlRr6khIVwMiDVLNQdrcQCs7jadqMEoo%2BIUSOSn0%2Bx%2BZR1lfbgx2npFt9o%2Fyubw2lcEg9RbB0HcpPjoaTFdfTgcR2vyzE%2F9Q6spH"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cdeb194e08-FRA
expires
0
gen.js
ads.themoneytizer.com/s/ Frame E12B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=19
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2158
expires
Fri, 09 Apr 2021 23:16:47 GMT
requestform.js
ads.themoneytizer.com/s/ Frame E12B 		130 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
11f4096e122142fb8434561a854fc08160ca77b0f1a578fd45113344fe40b79d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
expires
Fri, 09 Apr 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame E12B 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=694&campaignid=1&zoneid=97&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=495d7fa785
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4bb00004e080c18b000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bQr2MqxgZ%2B1RPQbz6c2muuVdTu%2BXwkW0bTS4GXzoMhN3RL%2F1%2BQXxRq1%2FVfE3rw%2Fqojuyqxb3j%2F63uXMYpOa3njjTpgZ%2B%2F%2BipYJJunOM7XbwXi1%2FhB%2BYw3jGLVWuj"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cdfb354e08-FRA
expires
0
gen.js
ads.themoneytizer.com/s/ Frame 632A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=19
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2158
expires
Fri, 09 Apr 2021 23:16:47 GMT
requestform.js
ads.themoneytizer.com/s/ Frame 632A 		130 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
11f4096e122142fb8434561a854fc08160ca77b0f1a578fd45113344fe40b79d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
expires
Fri, 09 Apr 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 632A 		43 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=694&campaignid=1&zoneid=85&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=c48e38e922
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4b900004e08140da000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3fqlpjLxYylkYBXGto9%2Fa3Mcm7t5mwp5RtFjVPXG3PHVudDYxW6OHupOUosYwp7cFBiS93hMxyEcsp46Tyd1caD0zzWKoHOY8dbdl6lxsQn3KiBzF%2FbUH6yyrDNn"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cdfb374e08-FRA
expires
0
gen.js
ads.themoneytizer.com/s/ Frame E8AF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2158
expires
Fri, 09 Apr 2021 23:16:49 GMT
requestform.js
ads.themoneytizer.com/s/ Frame E8AF 		130 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
a045e186e8a55f0850b871d4a2f4d5a2da2c549c8dc9fb6c8708a36aba68f11e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
expires
Fri, 09 Apr 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame E8AF 		43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=692&campaignid=1&zoneid=98&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=18cfa689f7
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4b900004e087aa21000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e6%2FEYQ6XiyHPC30jEaWIupWcudzVyQTmVBhfAtzhcDyRHZIYqoQ9KKntjHBK0ZlVapca0JvauHpbwdsaY0Bdsf5tS4jatrqi8H%2BM7%2FucS%2BbRW8jaAQZpWzLnQdn9"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cdfb3b4e08-FRA
expires
0
/
ads.projectagoraservices.com/ Frame 2541 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5233
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e25a5c0e87c932a23bcaeeea3b3251b2c1b35427acb783cc72e8fb61e71139e7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4210
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 2541 		43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=665&campaignid=1&zoneid=16&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=28ceca2c44
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4bb00004e086d008000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7k6Puk3r8DZ1XJjyPt2PsG12tI%2FW7LLX0frST6iZwKYrb1AcsVAVXXlMH8w05727W5WX3ydKY0RA9Pi27kJDoX4hnGfq5LwHgLkxk8hn6T%2BdTW64MP%2FkhykngkIN"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040cdfb3e4e08-FRA
expires
0
/
ads.projectagoraservices.com/ Frame E384 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5231
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed426b17afdfa5cb2f1682b021ab8903bffeebd3b45ead32837c7de76aa15bb3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4209
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame E384 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=597&campaignid=1&zoneid=99&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=2e91a4904d
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4c400004e08798ad000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HH4wNOCawUF8QxFpDsnWVRgdqoF%2F1545BWKbgssMPNx0fnNkAx3cCbf8UdxdOGkgLX82zJoutoshzUe%2BK1G5xHwS8%2BrvZkT9eJp61XZNn0FuFMKbDAgp3%2Ft4dMmI"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce0b4d4e08-FRA
expires
0
/
ads.projectagoraservices.com/ Frame 805A 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5231
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed426b17afdfa5cb2f1682b021ab8903bffeebd3b45ead32837c7de76aa15bb3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4209
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 805A 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=597&campaignid=1&zoneid=100&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=8a2db8115a
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4c500004e084b968000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1tc0WBDR3jHK3A1qfU6cTTd49SHE3vNMGOe9EyXWIy5WDgQ82RNFnAOztNO6y4V1vKikhNiL%2BTFn05z8Na%2BfBHC7y9pv%2FXCNLHUJb7%2FtCKIxAaKJPH1895%2FEkbwV"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce0b504e08-FRA
expires
0
/
ads.projectagoraservices.com/ Frame 15F5 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5231
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed426b17afdfa5cb2f1682b021ab8903bffeebd3b45ead32837c7de76aa15bb3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4209
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 15F5 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=597&campaignid=1&zoneid=18&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=e0781ef415
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4d700004e080c18d000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3tK0dwJffnzexBXLY26CDrTGuaiUSOSDsNUZ5%2FXcUDeFHBTZw%2FGvF4dQ3imkQa5rk1ysPmG7uRImhMw4AsJRCkUGrn%2BMbB5c2DnhQM8YXNM2%2Fl7LoXtbs3ME0Qjp"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce2b634e08-FRA
expires
0
/
ads.projectagoraservices.com/ Frame C974 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=7502
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
46449766c61e4954b257b13bb18afc874fe84ef80c8f3f5f9e04a83d45f60dc3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3953
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame C974 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=610&campaignid=1&zoneid=88&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=ab2aa3c83f
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4d700004e08583a7000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KkvMOuAa14voZLmrnyIsVc86BrMnOSSbaPy%2BapmHsT8k41Q0ZNJQ8ibV1b6LvZlnNGtSD6Z14J3C70almsrMPaCKmpW7NYOx3kCMrlk7%2BcHOKhVri2%2Fna6807guc"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce2b644e08-FRA
expires
0
/
ads.projectagoraservices.com/ Frame 4CCD 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5231
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed426b17afdfa5cb2f1682b021ab8903bffeebd3b45ead32837c7de76aa15bb3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4209
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 4CCD 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=597&campaignid=1&zoneid=101&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=5685a96d4a
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4d700004e08140db000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N3q2FUcHn1rZSdQ8Z%2FGB%2FjOiK78ytLPm8VY1roC5FiVP1GfOuDb467KQEmXxwfFYXNCLZclaWEv5vwM%2FnJl7n3AO6kic68i5Ly8w96a2H4J4aedHPmBgYnFLe9It"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce2b654e08-FRA
expires
0
gen.js
ads.themoneytizer.com/s/ Frame FDF6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2158
expires
Fri, 09 Apr 2021 23:16:49 GMT
requestform.js
ads.themoneytizer.com/s/ Frame FDF6 		130 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
a045e186e8a55f0850b871d4a2f4d5a2da2c549c8dc9fb6c8708a36aba68f11e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16191
expires
Fri, 09 Apr 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame FDF6 		43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=692&campaignid=1&zoneid=19&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=99feaba4bb
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4d700004e087aa22000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=48uO5UdjiLMiana4ixTywMS6gPiEDbLvgGl0r3oDQ0Tk8b6Ji6R4GMxeH54Z3Q%2F6XuWwfFkRtDZ9HaTlkRVejVfYRisxwPBeK6ZHRESJWisrkBbprW%2BsA0dWQJre"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce2b664e08-FRA
expires
0
botasot.info.283092.js
jsc.mgid.com/b/o/ Frame 19FB 		264 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87dac8b01a3e716ce5f520e7df3d370fbfe877d75a62df87f91f22082df22d67

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2431
cf-polished
origSize=270101
last-modified
Tue, 09 Mar 2021 08:25:17 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
QKW3C4A7HJA366AZ
x-amz-id-2
IgIahwJCbNIhXc94QlXUYjYl1y+M5BmXL+PorFvoHoydgwH+eYmItT5L+WcHKp1vhuGFe9xDm9I=
cf-bgj
minify
server
cloudflare
etag
W/"7db1e302bad6dd82bed69deca9a7837f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
08c006d4d30000edaf08a92000000001
cf-ray
62e040ce1f9cedaf-CDG
expires
Thu, 11 Mar 2021 02:16:51 GMT
/
ads.projectagoraservices.com/ Frame 83D6 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5231
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed426b17afdfa5cb2f1682b021ab8903bffeebd3b45ead32837c7de76aa15bb3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4209
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 83D6 		43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=597&campaignid=1&zoneid=102&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=af8970da67
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4dc00004e0801086000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F%2FoG9UnOfwU3AfOz%2BA%2Fnc4emOb5xxhuuj7dwn%2FBTl2wfifUNBSxuAgtTpAg7%2FEanTKaq2x5tU6zXWFSWUk0ZQA%2BsTAfz%2FfYpPRzLUTpM%2BO9ztE9%2Fe6W8DvDq%2FUS0"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce2b694e08-FRA
expires
0
/
ads.projectagoraservices.com/ Frame 417A 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5231
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed426b17afdfa5cb2f1682b021ab8903bffeebd3b45ead32837c7de76aa15bb3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4209
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 417A 		43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=597&campaignid=1&zoneid=20&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=bf30f07b04
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4dc00004e08070e5000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FCPZ35xYFnhkW4l4JzkufQZ1W7H8EyT26EwQtjfBuFUv86CYvI18hun3LxIPKuIFFZXRwYijRUL103A%2FzdfXUZJBe9mwtkxNsHCCigVwM654S%2BHuKnAQCqpznlbC"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce2b6b4e08-FRA
expires
0
/
ads.projectagoraservices.com/ Frame 3ABA 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5231
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed426b17afdfa5cb2f1682b021ab8903bffeebd3b45ead32837c7de76aa15bb3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4209
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 3ABA 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=597&campaignid=1&zoneid=103&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=d1f3cd3c8e
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4f400004e084ca6f000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KcOIRgHR3rUZGr1bQDqvU0M0Q9kNwAPa1MrbsdMkBP750Jrh4M1%2Fly7R9jdSwKVGAHwXAYTansuYbJEJzCCkbYd2WyT3NoiIQF7ATbihRmr2JUFTMiSuA42jsRLe"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce5b8b4e08-FRA
expires
0
/
ads.projectagoraservices.com/ Frame 44EC 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5233
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e25a5c0e87c932a23bcaeeea3b3251b2c1b35427acb783cc72e8fb61e71139e7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
4210
expires
Wed, 10 Mar 2021 23:16:51 GMT
lg.php
ads.botasot.info/ads/www/delivery/ Frame 44EC 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=590&campaignid=1&zoneid=21&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=18b81d898f
Requested by
Host: ads.botasot.info
URL: https://ads.botasot.info/ads/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4f400004e0800248000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y1OiTc5ujZNK9ZHNU2CwJLazUpU7tRzoPtF1GZQ2DiuQb9XPm%2BsmDtftl7zkgRs649gtj0J8qRjBUclnLc2cnQVn4U27cFgd3fTRWWwAAfcuwfs67SqP6qTyvDyZ"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce5b8c4e08-FRA
expires
0
lg.php
ads.botasot.info/ads/www/delivery/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=b3292793bc
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4e500004e086f0fc000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d7IyoEzGcpPhaimNFBM0Gt764LpwUiep6FpZRC7A2dXtK2Oi%2Fpz0Uq2szVsCULfwv0%2BHNLiJcEiVpcoDpwF3GWsaQgeEcu6Q2OTOOLPPnM1yPN%2F%2BCQ9v1mICviGH"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce3b754e08-FRA
expires
0
lg.php
ads.botasot.info/ads/www/delivery/ Frame DFB7 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=556&campaignid=1&zoneid=161&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=ba1c77a8a5
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4ff00004e0868180000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2gmkbBOTRJpHHgSv%2BYpH9pZD%2F3ZSyMoCcia0Er0I4N3QAaNpMNJEesErWNYSlNKLwi5DvbtTc9nwVLvgV3vZKWGKmrZgkmC%2BDHG3PcGAD%2B3eIGhRKfZ9Gw%2FGhPnN"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce6b9a4e08-FRA
expires
0
lg.php
ads.botasot.info/ads/www/delivery/ Frame C6F8 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=653&campaignid=1&zoneid=169&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=71a6420f6c
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4e500004e08343e9000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gx8P5xmfSqP5qlqAvG%2B%2FP11vD3vnPKSn8Ukw2S5cCcU5bvAWnXPIzsedmBaRFopHQCL4Ci7VARvrGvkX8iQWZWCOf8ez3xqE9nn%2Bx5BoNXwyMz0d2crHdVs%2F9Ff7"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce3b764e08-FRA
expires
0
lg.php
ads.botasot.info/ads/www/delivery/ 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=86&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=ff3b6a546d
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4ff00004e08293f0000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KVt7pX1TKI4P%2BcD0dAm4sLYFKEz%2BBTCZgN97%2BW2lP8WHwninPiIByHLgSKUk4JDJ7khkUcNEBsZ72HqhIVqJDgB%2BP%2Ba7JOvzMgnWDGv9BsgfYJpkXSlngisPo0yT"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce6b9c4e08-FRA
expires
0
lg.php
ads.botasot.info/ads/www/delivery/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=17&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=5b0d70e07a
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4e400004e087487a000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1%2Fmo9wv%2BdGcX7LOz8q0LEph9UFiQx9eVcGquC%2BA7i2PAowgRJwd2oY2Anie6uMNdXt%2FC8z44huEJ0X%2BX1AKlOfVW6hjJ7x8og2JbfGR1VyMwP0d2DnosogkOI2UO"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce3b744e08-FRA
expires
0
lg.php
ads.botasot.info/ads/www/delivery/ 		43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=87&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=048b507188
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4ff00004e087487b000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iIPuIHSvSV6g4dIdvfPGivvFr2EGTiACAO0n2arij2%2F9VlnQhtWznsOek%2FpjRNtLw0xgCmsl9G4LglMSDqf7BDdDGKB4gWlCTfIWbSxrdBa9y%2BW%2F%2B7xo5sU2bGsN"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce6b9d4e08-FRA
expires
0
lg.php
ads.botasot.info/ads/www/delivery/ Frame 211F 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=556&campaignid=1&zoneid=89&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=1f6fd522d1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4e500004e082e24d000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S4f0IPzeaW70OESi1abST8OrDd1FVSzHFZJqjthUQmuBmQQVBq8xVdFzeugoRrRPpASR2E5hpfJab%2FYA4R0Vr5ibNK1lrGq1x2eV1cmKvcGKNtF2L65p3w2vhPrl"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce3b774e08-FRA
expires
0
lg.php
ads.botasot.info/ads/www/delivery/ 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=90&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=947c2b1d61
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d4ff00004e086f0fd000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mGnWXgIoWdAtf%2BTNgN%2FdF%2FZP1igb%2F3yq9MYfG2naM3DUUW2DDG2r%2B817P6hF7Pk0WpXdnWN0so87nHTGpxoLG8MhaKj%2F2IHNN1RkHC4pKcVl%2FVCBkyl%2F2ruYzrqV"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce6b9e4e08-FRA
expires
0
lg.php
ads.botasot.info/ads/www/delivery/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=91&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=881ce55689
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d50b00004e080eb62000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aWh9IRilSaSJPpM7qgzvtczlyFCWhd6Nsx%2B%2FfVluU8N7EdKq3V%2FZi7gRvfBBtmDHp%2B2TasKw0Vjch72SohP1YdZPjPpkfDBdHAbsh8%2FvhnlmA7l8SdNVkCAYMmWw"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce7baa4e08-FRA
expires
0
lg.php
ads.botasot.info/ads/www/delivery/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.botasot.info/ads/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=159&loc=https%3A%2F%2Fwww.botasot.info%2F&cb=8e5361b561
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d51600004e080024a000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F%2BugG0Yk8AR8d9rwy5XCj%2BP5MYjbLSNLpEu7nRA%2F40PRM3pdywgkIVN7xpWXeBfqTOuG56ZUdFHLEqRZfXPnlE2j0ypZa2ucMFFA9CNF9befAdl8Vk%2Foqgwt2Ogc"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ce8bb94e08-FRA
expires
0
mw
mwzeom.zeotap.com/ Frame 1EEF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%2...
  • https://mwzeom.zeotap.com/mw?adnxs_uid=1086387011141840971&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
95 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?adnxs_uid=1086387011141840971&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e040d0f9894a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006d69f00004a7a4dbe2000000001

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:51 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid
fc022f96-7d95-4e4f-bbaa-81c44d2aff53
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://mwzeom.zeotap.com/mw?adnxs_uid=1086387011141840971&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1EEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEKgY-E8QiI0wdBkgPGid0lU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d3...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEKgY-E8QiI0wdBkgPGid0lU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e040d1ba214a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006d71000004a7a1b9d5000000001

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEKgY-E8QiI0wdBkgPGid0lU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
450
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1EEF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D434f7115-f90a-405e-72e5-7d33c9...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D434f7115-f90a-405e-72e5-7d33c9...
  • https://mwzeom.zeotap.com/mw?cid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e040d19a054a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006d6fe00004a7a42b01000000001

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
449
mw
mwzeom.zeotap.com/ Frame 1EEF
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=d52e71b6-7865-4691-51fa-468f255a2381&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=d52e71b6-7865-4691-51fa-468f255a2381&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=32804388302590621912429865611530369633&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=32804388302590621912429865611530369633&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e040d1fa5a4a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006d73600004a7a5ba27000000001

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
bmDkLZciRfs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=32804388302590621912429865611530369633&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1EEF
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=hewZd%2BUUo9k96G90KGbYI5gRLgMW5CeE%2BS41iYitP1U%3D
95 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=hewZd%2BUUo9k96G90KGbYI5gRLgMW5CeE%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e040cf986b4a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006d5c300004a7a5ba1b000000001

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:51 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=hewZd%2BUUo9k96G90KGbYI5gRLgMW5CeE%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 1EEF
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dd52e71b...
  • https://mwzeom.zeotap.com/mw?cid=85656049-5363-4200-9abb-87f586014265&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=85656049-5363-4200-9abb-87f586014265&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e040cfa8794a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006d5ca00004a7a9b86b000000001

Redirect headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Server
MT3 3611 f10363c master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=85656049-5363-4200-9abb-87f586014265&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 10 Mar 2021 23:17:30 GMT
cmp.min.js
spl.zeotap.com/ Frame 1EEF 		541 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e877d95f5ec273c644062ddaf76f9a90931d778e040f95e84da285cc0bd88a74

Request headers

Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
62e040ce2ee24a7a-FRA
date
Wed, 10 Mar 2021 23:16:51 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
08c006d4dc00004a7a50233000000001
rid
match.adsrvr.org/track/ 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
32e10dd179bf9b0810d8f41e01a8d66c114eeb546d7ca77302df1041d6aa15f8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.botasot.info
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 09 Apr 2021 23:16:51 GMT
identity
api.rlcdn.com/api/ 		44 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
alt-svc
clear
content-length
44
css
fonts.googleapis.com/ 		2 KB
984 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 22:33:48 GMT
server
ESF
date
Wed, 10 Mar 2021 23:16:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Mar 2021 23:16:51 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33586
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 13:57:05 GMT
www-player-webp.css
www.youtube.com/s/player/34a43f74/ Frame 1ACC 		340 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/34a43f74/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 15:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 01:18:19 GMT
server
sffe
age
113399
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Wed, 09 Mar 2022 15:46:52 GMT
www-embed-player.js
www.youtube.com/s/player/34a43f74/www-embed-player.vflset/ Frame 1ACC 		160 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/34a43f74/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f0fa364673cbba1c2fe13bf8f3483bc175757d0061ca20fd351dc3c1017a755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 15:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 01:18:19 GMT
server
sffe
age
113460
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59150
x-xss-protection
0
expires
Wed, 09 Mar 2022 15:45:51 GMT
base.js
www.youtube.com/s/player/34a43f74/player_ias.vflset/en_US/ Frame 1ACC 		2 MB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/34a43f74/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b870980d45306c0f91f240c2bf2b1020a5d9f225f633d150e02f3e2e5803576e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 15:46:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 01:18:19 GMT
server
sffe
age
113399
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
515242
x-xss-protection
0
expires
Wed, 09 Mar 2022 15:46:52 GMT
fetch-polyfill.js
www.youtube.com/s/player/34a43f74/fetch-polyfill.vflset/ Frame 1ACC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/34a43f74/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 15:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 01:18:19 GMT
server
sffe
age
113460
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Wed, 09 Mar 2022 15:45:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1ACC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
531326
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame C449 		340 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 21:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
4984
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Thu, 10 Mar 2022 21:53:47 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame C449 		158 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
42422
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 11:29:49 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame C449 		2 MB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 11:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
43342
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Thu, 10 Mar 2022 11:14:29 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame C449 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
39997
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C449 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
531326
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
/
g.themoneytizer.net/g/ Frame 7BA8 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
smart.js
ced-ns.sascdn.com/diff/js/ Frame 7BA8
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6ac9f04ec51bb2e5cb71fcac82999a19352b0f8ca1844f9ead2a1eb25cba1ce

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2021 09:55:48 GMT
Server
AkamaiNetStorage
ETag
"e6a775016908fad29cd9910ec06e46c5:1615283753.11686"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9976

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 10 Mar 2021 23:16:51 GMT
content-length
0
/
g.themoneytizer.net/g/ Frame EC81 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
smart.js
ced-ns.sascdn.com/diff/js/ Frame EC81
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6ac9f04ec51bb2e5cb71fcac82999a19352b0f8ca1844f9ead2a1eb25cba1ce

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2021 09:55:48 GMT
Server
AkamaiNetStorage
ETag
"e6a775016908fad29cd9910ec06e46c5:1615283753.11686"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9976

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 10 Mar 2021 23:16:50 GMT
content-length
0
/
g.themoneytizer.net/g/ Frame 827E 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
smart.js
ced-ns.sascdn.com/diff/js/ Frame 827E
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6ac9f04ec51bb2e5cb71fcac82999a19352b0f8ca1844f9ead2a1eb25cba1ce

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2021 09:55:48 GMT
Server
AkamaiNetStorage
ETag
"e6a775016908fad29cd9910ec06e46c5:1615283753.11686"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9976

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 10 Mar 2021 23:16:51 GMT
content-length
0
moneybile.js
ads.themoneytizer.com/ Frame 7BA8 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16267
expires
Fri, 09 Apr 2021 23:16:29 GMT
sync
gum.criteo.com/ Frame 7BA8 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 10 Mar 2021 23:16:51 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1460
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ Frame 7BA8 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Last-Modified
Thu, 07 Jan 2021 17:29:20 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
D98ACF8C:E606_91EFC0A6:01BB_60495363_14CE5FF2:423F
ETag
"5ff744f0-e7c"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3708
/
onetag-sys.com/usync/ Frame 5122 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211691
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1615418211691
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 451F 		95 B
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d52e71b6-7865-4691-51fa-468f255a2381; zsc=%F9%ED.%1EyM%8F%2B%E2%21w%19%A4%B2%EA%14%7D%C7%AA%13%D8%EF%8D%E9%AA-%3E%CD%93%B1%D2%A0f%12.%D2%A7%3BhL%FD%BE5J%A7%D2%5C%E6U+P%B9%8F%F3%C74%01%3E%EC%82H%C6%EE+%B7%A4%DD%DF%04%BC%08%11%DEHxeX%FC%F0%C3%86%99%EAA%5D%BF%7DG%99%138t%03%E7%28%FD%D0%91%06nj%B8%CF%04%8A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-type
image/png
content-length
95
set-cookie
__cfduid=df0eb3fe754fe908badbe1595373af5d61615418211; expires=Fri, 09-Apr-21 23:16:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=d52e71b6-7865-4691-51fa-468f255a2381; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%FD1%97%0C%3C%BA1z%8C~%A9%EB%C1%A7%82%E0%29%B2%9F%8E%F2%F3%91%2AL%90%90-%8F%29%E9%F1%86V%03PK%CB%88U%E5ZyL%F8L%DE%C0-%F5%9E%DC%8DI%0A-%B4%403%ED%8C%08o%3F%90%86%1C%EDzAg%B0z%D7%F1%FC%0F%E7%91L%03uIOj%02%89%93%C8%95%BC%F6%E5lp%D6%3Dv%21X%95%18F%82%0D; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.botasot.info
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006d57100004a7a391a4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040cf1fe14a7a-FRA
quant.js
secure.quantserve.com/ Frame 7BA8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Mar 2021 23:16:51 GMT
px.js
p.cpx.to/p/12761/ Frame 7BA8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12761/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a1ea2ff7361d6f98b5acfb3b6f3cd3e4935996dc568106d16f52fd6d6b33fe54

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1631
Content-Type
application/javascript; charset=UTF-8
f1b20a8f-5831-4b2a-a511-821ecd3a61e4
boot.pbstck.com/v1/tag/ Frame 7BA8 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/f1b20a8f-5831-4b2a-a511-821ecd3a61e4
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4c20e7c70dd13a0fefeb9f4db9b057a335c3d8d5e0b69b507a161b5d7912c1a

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
private,max-age=120
cf-ray
62e040cfb8b04d89-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d5d200004d899411d000000001
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 7BA8 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-15.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 21:38:10 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
5922
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
fGouJmpt5kq72f5H0KTOkff0341LcNfVUrZRmb1KoQiN9iNCnlYyMw==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame 7BA8 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 22:26:09 GMT
Server
Apache
ETag
"76419a-925a-5bd362755dd96"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=593
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12743
Expires
Wed, 10 Mar 2021 23:26:44 GMT
prebid.js
ads.themoneytizer.com/moneybid4_29/build/dist/ Frame 7BA8 		517 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid4_29/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
70eb32f35222dc3e549f646158d244c9341feda31e7f9008db36db5be8a77eb5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 17:03:46 GMT
server
nginx
etag
"23752-8123e-5bca4d58cc7d0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
165220
expires
Fri, 09 Apr 2021 23:16:08 GMT
9.gif
id5-sync.com/c/12/106/1/ Frame 7BA8
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent=
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/5/5.gif?puid=dc4be718-fd7e-41e3-a920-eb94c6bbd6cf&gdpr=1&gdpr_consent=
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1657327183473810907&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/112/3/7.gif?puid=8F7654F1B9F01445&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent=
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F1%2F9.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/106/1/9.gif?puid=05fa2204023af04687f3b962&gdpr=1&gdpr_consent=
0
0
prebid.js
projectagora.net/libs/prebidv3/ Frame 2541 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mGRfesqM5g2yYT0s2deaW6HbVrbaTQUPcNzniruMnO8%2Bjoo8lhPIqe1CHuO6aPd6pzXJYLNR24HxlPFpmbnPhOy8P3YYONyp4DPHEy3Hrr16pPLLJr9ZrAdN1Q5z"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d5710000dfdbe3889000000001
cf-ray
62e040cf1e2cdfdb-FRA
/
g.themoneytizer.net/g/ Frame E12B 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
smart.js
ced-ns.sascdn.com/diff/js/ Frame E12B
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6ac9f04ec51bb2e5cb71fcac82999a19352b0f8ca1844f9ead2a1eb25cba1ce

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2021 09:55:48 GMT
Server
AkamaiNetStorage
ETag
"e6a775016908fad29cd9910ec06e46c5:1615283753.11686"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9976

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 10 Mar 2021 23:16:51 GMT
content-length
0
moneybile.js
ads.themoneytizer.com/ Frame EC81 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16267
expires
Fri, 09 Apr 2021 23:16:29 GMT
sync
gum.criteo.com/ Frame EC81 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 10 Mar 2021 23:16:51 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1268
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ Frame EC81 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Last-Modified
Thu, 07 Jan 2021 17:29:20 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
D98ACF8C:E606_91EFC0A6:01BB_60495363_14CE6023:423F
ETag
"5ff744f0-e7c"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3708
/
onetag-sys.com/usync/ Frame EA27 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211702
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1615418211702
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 9E7F 		95 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d52e71b6-7865-4691-51fa-468f255a2381; zsc=%F9%ED.%1EyM%8F%2B%E2%21w%19%A4%B2%EA%14%7D%C7%AA%13%D8%EF%8D%E9%AA-%3E%CD%93%B1%D2%A0f%12.%D2%A7%3BhL%FD%BE5J%A7%D2%5C%E6U+P%B9%8F%F3%C74%01%3E%EC%82H%C6%EE+%B7%A4%DD%DF%04%BC%08%11%DEHxeX%FC%F0%C3%86%99%EAA%5D%BF%7DG%99%138t%03%E7%28%FD%D0%91%06nj%B8%CF%04%8A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-type
image/png
content-length
95
set-cookie
__cfduid=df0eb3fe754fe908badbe1595373af5d61615418211; expires=Fri, 09-Apr-21 23:16:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=d52e71b6-7865-4691-51fa-468f255a2381; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%1D%7B1.s%EC%1E%60%3EP%89%F9%D16%1AB%C00%A2%C2%B7%12%B3%AB%09%1B%95%0B%F8%89%AA%F0%14%8B%09%92%EB%FC%08%7B16%10%A4%AD%AEa%B9M%CF%3D%BB%16%E5%DA%2282%1E%C1%C7%83%E9%11%B8%90%5D%7D%11%A7%02%EC%B366%A1%C8%07%15%E6CtJbY%A4%B0%C7%D6%F0%26X%C4w%C1%15%C3%F3%03%5C%21%8B%FC%B4%F9; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.botasot.info
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006d57b00004a7a4dbd8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040cf2ff24a7a-FRA
quant.js
secure.quantserve.com/ Frame EC81 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Mar 2021 23:16:51 GMT
px.js
p.cpx.to/p/12761/ Frame EC81 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12761/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a1ea2ff7361d6f98b5acfb3b6f3cd3e4935996dc568106d16f52fd6d6b33fe54

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1631
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame EC81 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-15.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 21:38:10 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
5922
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
PIgq7ilFelZpCuQatl6l1T-ey8tfNyRpHK5PcmP2dqTGw6ulfTxqfA==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame EC81 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 22:26:09 GMT
Server
Apache
ETag
"76419a-925a-5bd362755dd96"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=593
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12743
Expires
Wed, 10 Mar 2021 23:26:44 GMT
prebid.js
ads.themoneytizer.com/moneybid4_29/build/dist/ Frame EC81 		517 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid4_29/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
70eb32f35222dc3e549f646158d244c9341feda31e7f9008db36db5be8a77eb5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 17:03:46 GMT
server
nginx
etag
"23752-8123e-5bca4d58cc7d0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
165220
expires
Fri, 09 Apr 2021 23:16:08 GMT
9.gif
id5-sync.com/c/12/106/1/ Frame EC81
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent=
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/5/5.gif?puid=ae0f9690-dc64-4a73-aae7-62229ed43562&gdpr=1&gdpr_consent=
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1369094608298843277&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/112/3/7.gif?puid=B9174A32A1C02B3D&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/12/103/2/8.gif?puid=67450c7890d23c6507f482740139ea14&gdpr=1&gdpr_consent=
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F1%2F9.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/106/1/9.gif?puid=05fa220402a3c4e17b1f6af4&gdpr=1&gdpr_consent=
0
0
/
g.themoneytizer.net/g/ Frame 632A 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
smart.js
ced-ns.sascdn.com/diff/js/ Frame 632A
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6ac9f04ec51bb2e5cb71fcac82999a19352b0f8ca1844f9ead2a1eb25cba1ce

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2021 09:55:48 GMT
Server
AkamaiNetStorage
ETag
"e6a775016908fad29cd9910ec06e46c5:1615283753.11686"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9976

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 10 Mar 2021 23:16:51 GMT
content-length
0
/
g.themoneytizer.net/g/ Frame E8AF 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
smart.js
ced-ns.sascdn.com/diff/js/ Frame E8AF
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6ac9f04ec51bb2e5cb71fcac82999a19352b0f8ca1844f9ead2a1eb25cba1ce

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2021 09:55:48 GMT
Server
AkamaiNetStorage
ETag
"e6a775016908fad29cd9910ec06e46c5:1615283753.11686"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9976

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 10 Mar 2021 23:16:51 GMT
content-length
0
moneybile.js
ads.themoneytizer.com/ Frame 827E 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16267
expires
Fri, 09 Apr 2021 23:16:29 GMT
sync
gum.criteo.com/ Frame 827E 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 10 Mar 2021 23:16:51 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2155
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ Frame 827E 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Last-Modified
Thu, 07 Jan 2021 17:29:20 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
D98ACF8C:E606_91EFC0A6:01BB_60495363_14CE6041:423F
ETag
"5ff744f0-e7c"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3708
/
onetag-sys.com/usync/ Frame 1CF2 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211707
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1615418211707
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 3EF8 		95 B
435 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d52e71b6-7865-4691-51fa-468f255a2381; zsc=%F9%ED.%1EyM%8F%2B%E2%21w%19%A4%B2%EA%14%7D%C7%AA%13%D8%EF%8D%E9%AA-%3E%CD%93%B1%D2%A0f%12.%D2%A7%3BhL%FD%BE5J%A7%D2%5C%E6U+P%B9%8F%F3%C74%01%3E%EC%82H%C6%EE+%B7%A4%DD%DF%04%BC%08%11%DEHxeX%FC%F0%C3%86%99%EAA%5D%BF%7DG%99%138t%03%E7%28%FD%D0%91%06nj%B8%CF%04%8A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-type
image/png
content-length
95
set-cookie
__cfduid=df0eb3fe754fe908badbe1595373af5d61615418211; expires=Fri, 09-Apr-21 23:16:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=d52e71b6-7865-4691-51fa-468f255a2381; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%17%5B%00%1C%15%0FKW%05%87%0B%C3%9B%C5Q%A8%88B%FE%F1%84%2A%9A%F6z%F3k%84%1C%8E%AA%830~%ED%A7%A88%05A%07Qr%D57AFG%A5%BE%DD%890%EE%80%C9%23%14.%EE%09%22%0D%F1%05%7C%02%BE%5B%D8%EAKK%27%F5RH%8A%92%82%AD%B9%5D%9F%0A%26%10%E4%F8%14%8ArX%95%D2%0B%0AK%23%8C%BFP%40%15%FD; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.botasot.info
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006d58300004a7a3b915000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040cf38004a7a-FRA
quant.js
secure.quantserve.com/ Frame 827E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Mar 2021 23:16:51 GMT
px.js
p.cpx.to/p/12761/ Frame 827E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12761/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a1ea2ff7361d6f98b5acfb3b6f3cd3e4935996dc568106d16f52fd6d6b33fe54

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1631
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 827E 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-15.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 21:38:10 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
5923
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
zZFEC2ZuZAqbRs2r5mVKm1UmwHJPQ1IjrHACjQI7jgX2Ebp22QbjGQ==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame 827E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 22:26:09 GMT
Server
Apache
ETag
"76419a-925a-5bd362755dd96"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=592
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12743
Expires
Wed, 10 Mar 2021 23:26:44 GMT
prebid.js
ads.themoneytizer.com/moneybid4_29/build/dist/ Frame 827E 		517 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid4_29/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
70eb32f35222dc3e549f646158d244c9341feda31e7f9008db36db5be8a77eb5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 17:03:46 GMT
server
nginx
etag
"23752-8123e-5bca4d58cc7d0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
165220
expires
Fri, 09 Apr 2021 23:16:08 GMT
ping_match.gif
pm.w55c.net/ Frame 827E
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent=
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/5/5.gif?puid=ae0f9690-dc64-4a73-aae7-62229ed43562&gdpr=1&gdpr_consent=
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1657324984450553504&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/112/3/7.gif?puid=44CBAA560F48B604&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent=
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F1%2F9.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/106/1/9.gif?puid=05fa22040219e82de36eca5f&gdpr=1&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F0%2F10.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D
0
0
moneybile.js
ads.themoneytizer.com/ Frame 632A 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16267
expires
Fri, 09 Apr 2021 23:16:29 GMT
sync
gum.criteo.com/ Frame 632A 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 10 Mar 2021 23:16:51 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1288
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ Frame 632A 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Last-Modified
Thu, 07 Jan 2021 17:29:20 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
D98ACF8C:E606_91EFC0A6:01BB_60495364_14CE6063:423F
ETag
"5ff744f0-e7c"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3708
/
onetag-sys.com/usync/ Frame FB75 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211713
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1615418211713
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 50AE 		95 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d52e71b6-7865-4691-51fa-468f255a2381; zsc=%F9%ED.%1EyM%8F%2B%E2%21w%19%A4%B2%EA%14%7D%C7%AA%13%D8%EF%8D%E9%AA-%3E%CD%93%B1%D2%A0f%12.%D2%A7%3BhL%FD%BE5J%A7%D2%5C%E6U+P%B9%8F%F3%C74%01%3E%EC%82H%C6%EE+%B7%A4%DD%DF%04%BC%08%11%DEHxeX%FC%F0%C3%86%99%EAA%5D%BF%7DG%99%138t%03%E7%28%FD%D0%91%06nj%B8%CF%04%8A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-type
image/png
content-length
95
set-cookie
__cfduid=df0eb3fe754fe908badbe1595373af5d61615418211; expires=Fri, 09-Apr-21 23:16:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=d52e71b6-7865-4691-51fa-468f255a2381; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%CD%B0%A2%AAnAS%A1%F2%2B%E4%C9%0A%1D%24O3%D6i%DE%8E%B8%06Q%A8%E0%25%C0%F1a%D0%89%C7P%97%ED%A7%D2ZU%14Xzj%DC%40%8B%E9%F1Ht%5BC%89H%06%DA%D7%E2U%BEg%18%B0%DB%F0%AE.%0C%AD%89%BD%DB%87%FB%2A%D6%D5%7B%10x%E4%2CQc%85%13M%24%DE%B2%EC%5Dku%EA%BD%D8%1D%C6H%B1V%CD%5B; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.botasot.info
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006d59500004a7a302f0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040cf581b4a7a-FRA
quant.js
secure.quantserve.com/ Frame 632A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Mar 2021 23:16:51 GMT
px.js
p.cpx.to/p/12761/ Frame 632A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12761/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a1ea2ff7361d6f98b5acfb3b6f3cd3e4935996dc568106d16f52fd6d6b33fe54

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1631
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 632A 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-15.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 21:38:10 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
5923
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
F4GAvHxqMgiNnkWQwM2LPQLR_PuYuextpjFxeg_zr_O6Ewpj-6p2-w==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame 632A 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 22:26:09 GMT
Server
Apache
ETag
"76419a-925a-5bd362755dd96"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=592
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12743
Expires
Wed, 10 Mar 2021 23:26:44 GMT
prebid.js
ads.themoneytizer.com/moneybid4_29/build/dist/ Frame 632A 		517 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid4_29/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
70eb32f35222dc3e549f646158d244c9341feda31e7f9008db36db5be8a77eb5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 17:03:46 GMT
server
nginx
etag
"23752-8123e-5bca4d58cc7d0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
165220
expires
Fri, 09 Apr 2021 23:16:08 GMT
9.gif
id5-sync.com/c/12/106/1/ Frame 632A
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent=
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/5/5.gif?puid=a4382e1f-b74c-443e-9e6a-4bfce44247ac&gdpr=1&gdpr_consent=
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1585267390412620210&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/112/3/7.gif?puid=44CBAA560F48B604&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent=
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F1%2F9.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/106/1/9.gif?puid=05fa22040269b45562265fa5&gdpr=1&gdpr_consent=
0
0
prebid.js
projectagora.net/libs/prebidv3/ Frame 6961 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zOSXHsNSP0UcsYDD3gV7wSsYScaMIXHlpqS7GoMDwCFQAqMZApH09CcUVLaEqSokNmrzVpsWkcBA9oTA5is6QHOgzJo%2FxjG9b9w8BnJq7k8n0d1FC%2BNaetIL6ISw"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d5950000dfdbe3207000000001
cf-ray
62e040cf5e48dfdb-FRA
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 1E92 		340 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 21:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
4984
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Thu, 10 Mar 2022 21:53:47 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 1E92 		158 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
42422
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 11:29:49 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 1E92 		2 MB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 11:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
43342
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Thu, 10 Mar 2022 11:14:29 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 1E92 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
39997
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1E92 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
531326
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
moneybile.js
ads.themoneytizer.com/ Frame E12B 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16267
expires
Fri, 09 Apr 2021 23:16:29 GMT
sync
gum.criteo.com/ Frame E12B 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 10 Mar 2021 23:16:50 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1172
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ Frame E12B 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Last-Modified
Thu, 07 Jan 2021 10:51:28 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
D98ACF8C:E606_91EFC0A6:01BB_60495364_14CE6074:423F
ETag
"5ff6e7b0-e7c"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3708
/
onetag-sys.com/usync/ Frame 61CE 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211722
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1615418211722
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 1DE2 		95 B
807 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d52e71b6-7865-4691-51fa-468f255a2381; zsc=%FD1%97%0C%3C%BA1z%8C~%A9%EB%C1%A7%82%E0%29%B2%9F%8E%F2%F3%91%2AL%90%90-%8F%29%E9%F1%86V%03PK%CB%88U%E5ZyL%F8L%DE%C0-%F5%9E%DC%8DI%0A-%B4%403%ED%8C%08o%3F%90%86%1C%EDzAg%B0z%D7%F1%FC%0F%E7%91L%03uIOj%02%89%93%C8%95%BC%F6%E5lp%D6%3Dv%21X%95%18F%82%0D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-type
image/png
content-length
95
set-cookie
__cfduid=df0eb3fe754fe908badbe1595373af5d61615418211; expires=Fri, 09-Apr-21 23:16:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=d52e71b6-7865-4691-51fa-468f255a2381; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%19%D3%1A%16%8EH%FA%14p%FC%5D%5E%99%D5%C3%0A%A6%EB3%A2%2A%82%E9ue%86%B4%3A%CF.HS%28%87%C1%01%22%3C%B7D%9Da.%E3o%03q%1Br%1F%09%1E%C3x%A9%D2K%BE%81%B3%DA%88%FFZ%1E%10SNL%F3%07%89%22N%D4%D5%90%12%B8H%82%7DQ%09%F3%9A+o%D5z%F4OT%AF%86%1F%E1f%9D%CD%D4%F2c%CA%E6; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.botasot.info
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006d5a100004a7a5ba1a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040cf68404a7a-FRA
quant.js
secure.quantserve.com/ Frame E12B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Mar 2021 23:16:51 GMT
px.js
p.cpx.to/p/12761/ Frame E12B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12761/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a1ea2ff7361d6f98b5acfb3b6f3cd3e4935996dc568106d16f52fd6d6b33fe54

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1631
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame E12B 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-15.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 21:38:10 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
5923
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
_XszSFw9in3aVh8FzXV9_0lymNSBHETcxBWpZ1jTh3liFrgXlfoVYA==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame E12B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 22:26:09 GMT
Server
Apache
ETag
"76419a-925a-5bd362755dd96"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=592
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12743
Expires
Wed, 10 Mar 2021 23:26:44 GMT
prebid.js
ads.themoneytizer.com/moneybid4_29/build/dist/ Frame E12B 		517 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid4_29/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
70eb32f35222dc3e549f646158d244c9341feda31e7f9008db36db5be8a77eb5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 17:03:46 GMT
server
nginx
etag
"23752-8123e-5bca4d58cc7d0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
165220
expires
Fri, 09 Apr 2021 23:16:08 GMT
9.gif
id5-sync.com/c/12/106/1/ Frame E12B
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
  • https://id5-sync.com/c/12/108/8/2.gif?puid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent=
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F9%2F7%2F3.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/9/7/3.gif?puid=roaz59Jq9KdKObYu-WxY2_YTwrlApCgckj8Mco9O7Y0&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/6/4.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/5/5.gif?puid=a4382e1f-b74c-443e-9e6a-4bfce44247ac&gdpr=1&gdpr_consent=
  • https://sync-uid.leadplace.fr/sync-uid.php?part=id5&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F109%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/109/4/6.gif?puid=1369094608298840689&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/112/3/7.gif?puid=C54092948ACF436E&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent=
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F1%2F9.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/106/1/9.gif?puid=05fa220402754b9eb2ab1769&gdpr=1&gdpr_consent=
0
0
moneybile.js
ads.themoneytizer.com/ Frame E8AF 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16267
expires
Fri, 09 Apr 2021 23:16:29 GMT
sync
gum.criteo.com/ Frame E8AF 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 10 Mar 2021 23:16:51 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1048
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ Frame E8AF 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Last-Modified
Thu, 07 Jan 2021 17:29:20 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
D98ACF8C:E606_91EFC0A6:01BB_60495364_14CE6078:423F
ETag
"5ff744f0-e7c"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3708
/
onetag-sys.com/usync/ Frame B343 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211727
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1615418211727
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame EB19 		95 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d52e71b6-7865-4691-51fa-468f255a2381; zsc=%1D%7B1.s%EC%1E%60%3EP%89%F9%D16%1AB%C00%A2%C2%B7%12%B3%AB%09%1B%95%0B%F8%89%AA%F0%14%8B%09%92%EB%FC%08%7B16%10%A4%AD%AEa%B9M%CF%3D%BB%16%E5%DA%2282%1E%C1%C7%83%E9%11%B8%90%5D%7D%11%A7%02%EC%B366%A1%C8%07%15%E6CtJbY%A4%B0%C7%D6%F0%26X%C4w%C1%15%C3%F3%03%5C%21%8B%FC%B4%F9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-type
image/png
content-length
95
set-cookie
__cfduid=df0eb3fe754fe908badbe1595373af5d61615418211; expires=Fri, 09-Apr-21 23:16:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=d52e71b6-7865-4691-51fa-468f255a2381; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%40%F6%F6%CF%B5%40%06%BC%85t%5C3%DE%03%7F%0B%13%E2%A9%FB%3Cn%0A%2Fs%E8%97ar%C2K%D0%A6%5C%3F%BAV%CB%C1%F4%FF%8F%12%19H%9E%FE%F0%A5%3EsR%5E%BB%A6%1F9%0D%2F6%C6%221c%A6%7Dz%B8%C0y%E1L%AC%CA%FB%2B%3AP%7B%BD%A4%15%E9%D3K%29%7F%D4%D4m%13W%FA%C45%DC%E9%93%11%3Fj%919%5DV; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.botasot.info
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006d5a600004a7a6a25b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040cf684b4a7a-FRA
quant.js
secure.quantserve.com/ Frame E8AF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Mar 2021 23:16:51 GMT
px.js
p.cpx.to/p/12761/ Frame E8AF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12761/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a1ea2ff7361d6f98b5acfb3b6f3cd3e4935996dc568106d16f52fd6d6b33fe54

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1631
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame E8AF 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-15.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 21:38:10 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
5923
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
szXN4_w00Hz-eWSE2jKNYJQ81XG8WHhFc5yeoFPM8M1LvnR0dRsSdQ==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame E8AF 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 22:26:09 GMT
Server
Apache
ETag
"76419a-925a-5bd362755dd96"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=592
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12743
Expires
Wed, 10 Mar 2021 23:26:44 GMT
prebid.js
ads.themoneytizer.com/moneybid4_29/build/dist/ Frame E8AF 		517 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid4_29/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
70eb32f35222dc3e549f646158d244c9341feda31e7f9008db36db5be8a77eb5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 17:03:46 GMT
server
nginx
etag
"23752-8123e-5bca4d58cc7d0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
165220
expires
Fri, 09 Apr 2021 23:16:08 GMT
3.gif
id5-sync.com/c/12/163/7/ Frame E8AF
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F8%2F2.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/106/8/2.gif?puid=05fa2204020fbfa235e406f4&gdpr=1&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F7%2F3.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D
  • https://pm.w55c.net/ping_match.gif?scc=1&st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F7%2F3.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/163/7/3.gif?puid=H8HdPzkR1Lk84w5&gdpr=1&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/12/163/7/3.gif?puid=H8HdPzkR1Lk84w5&gdpr=1&gdpr_consent=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.31 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p22.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:55 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:55 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0047f8acf6307f30d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://id5-sync.com/c/12/163/7/3.gif?puid=H8HdPzkR1Lk84w5&gdpr=1&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player-webp.css
www.youtube.com/s/player/d91669a4/ Frame 7CAD 		340 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 21:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
4984
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Thu, 10 Mar 2022 21:53:47 GMT
www-embed-player.js
www.youtube.com/s/player/d91669a4/www-embed-player.vflset/ Frame 7CAD 		158 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 11:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
42422
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58727
x-xss-protection
0
expires
Thu, 10 Mar 2022 11:29:49 GMT
base.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 7CAD 		2 MB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 11:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
43342
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514953
x-xss-protection
0
expires
Thu, 10 Mar 2022 11:14:29 GMT
fetch-polyfill.js
www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/ Frame 7CAD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 12:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
39997
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Thu, 10 Mar 2022 12:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7CAD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
531326
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
/
g.themoneytizer.net/g/ Frame FDF6 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
smart.js
ced-ns.sascdn.com/diff/js/ Frame FDF6
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6ac9f04ec51bb2e5cb71fcac82999a19352b0f8ca1844f9ead2a1eb25cba1ce

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2021 09:55:48 GMT
Server
AkamaiNetStorage
ETag
"e6a775016908fad29cd9910ec06e46c5:1615283753.11686"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9976

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 10 Mar 2021 23:16:51 GMT
content-length
0
moneybile.js
ads.themoneytizer.com/ Frame FDF6 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16267
expires
Fri, 09 Apr 2021 23:16:29 GMT
sync
gum.criteo.com/ Frame FDF6 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 10 Mar 2021 23:16:51 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1404
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ Frame FDF6 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Last-Modified
Thu, 07 Jan 2021 17:29:20 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
D98ACF8C:E606_91EFC0A6:01BB_60495364_14CE6083:423F
ETag
"5ff744f0-e7c"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3708
/
onetag-sys.com/usync/ Frame 16D5 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1615418211743
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1615418211743
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 8EE3 		95 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d52e71b6-7865-4691-51fa-468f255a2381; zsc=%17%5B%00%1C%15%0FKW%05%87%0B%C3%9B%C5Q%A8%88B%FE%F1%84%2A%9A%F6z%F3k%84%1C%8E%AA%830~%ED%A7%A88%05A%07Qr%D57AFG%A5%BE%DD%890%EE%80%C9%23%14.%EE%09%22%0D%F1%05%7C%02%BE%5B%D8%EAKK%27%F5RH%8A%92%82%AD%B9%5D%9F%0A%26%10%E4%F8%14%8ArX%95%D2%0B%0AK%23%8C%BFP%40%15%FD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-type
image/png
content-length
95
set-cookie
__cfduid=df0eb3fe754fe908badbe1595373af5d61615418211; expires=Fri, 09-Apr-21 23:16:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=d52e71b6-7865-4691-51fa-468f255a2381; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=j%0E%22e%06%CFB%0E%8FS%3D%970%BCz%DDs%92%10%13p%B7%DF%08p%AA-%94%C8c%C20%A5%00%3E%83Q0%80%F5%26%E6%D4%11%CFw%19%95%01%C9%F39%D7%A0%29Q%AC%A9%AD%5EAm%95%EDP%C7f%3D%E4%EC8%F6%06%07bf%D6%93%93%A7%F8%F3%02%B1%13b%BF%0AT%8A%B2%A0%B9%2F%F2%F6%22%81%C7%BA%A0%7CeV%EB; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.botasot.info
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006d5b300004a7a3f871000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040cf88584a7a-FRA
quant.js
secure.quantserve.com/ Frame FDF6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Mar 2021 23:16:51 GMT
px.js
p.cpx.to/p/12761/ Frame FDF6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12761/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.19.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-19-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a1ea2ff7361d6f98b5acfb3b6f3cd3e4935996dc568106d16f52fd6d6b33fe54

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1631
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame FDF6 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-15.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 21:38:10 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
5923
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
Re41omu_61JHK0H2Dh6sXPFMu3uYlLfbdnDPbpxl7GPRGHbAXYHi7w==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame FDF6 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 22:26:09 GMT
Server
Apache
ETag
"76419a-925a-5bd362755dd96"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=592
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12743
Expires
Wed, 10 Mar 2021 23:26:44 GMT
prebid.js
ads.themoneytizer.com/moneybid4_29/build/dist/ Frame FDF6 		517 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid4_29/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=67404&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
70eb32f35222dc3e549f646158d244c9341feda31e7f9008db36db5be8a77eb5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 17:03:46 GMT
server
nginx
etag
"23752-8123e-5bca4d58cc7d0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
165220
expires
Fri, 09 Apr 2021 23:16:08 GMT
2.gif
id5-sync.com/c/12/163/8/ Frame FDF6
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F8%2F2.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D
  • https://pm.w55c.net/ping_match.gif?scc=1&st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F8%2F2.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/163/8/2.gif?puid=CuELjBo41Lk84w5&gdpr=1&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/12/163/8/2.gif?puid=CuELjBo41Lk84w5&gdpr=1&gdpr_consent=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.31 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p22.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:55 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:55 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0ae06fec161a2bbf2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://id5-sync.com/c/12/163/8/2.gif?puid=CuELjBo41Lk84w5&gdpr=1&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.js
projectagora.net/libs/prebidv3/ Frame 44EC 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jZ4jMSropleXH8aBdVZe6PzvvgYayelCrcC0Fs4wFtjoANWKuEz%2FbaaLh60dNXHFRI9GWt1jaWIR8fufVls9AU%2BMQ0dC8z4sdnxZbDNLMfq9tGTfgYTIL23tgRoC"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d5c80000dfdb2201e000000001
cf-ray
62e040cfae71dfdb-FRA
prebid.js
projectagora.net/libs/prebidv3/ Frame E384 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B8U2pW5VCbut2UpeOfVhVUxcEr7xjAKR73DloQSxFHwpgYQI4NWdoQSVleUHygCPRCGjCyV81UQhXkuFEv2B8ylWtK0rlY2A5JqTUHADmiOgnaT2ZpSaM269pN5m"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d5d00000dfdb4c18d000000001
cf-ray
62e040cfbe75dfdb-FRA
prebid.js
projectagora.net/libs/prebidv3/ Frame 15F5 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FrZEM2%2Bivi2%2FHmEAhgzPAHg%2Bn5YCaicME6Z1bQvMGuzQvaWtnQEjVNzZVtQRSZ95jqxR3sSNsbDljDge94YEcfymhFaztwsJd%2BRYL6ktEWqKzB10J9ZeQv6NnAVN"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d5d50000dfdb32abe000000001
cf-ray
62e040cfbe7cdfdb-FRA
prebid.js
projectagora.net/libs/prebidv3/ Frame 805A 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t57%2FKd3DEebAw2SaWvclQUV7qmdJBlzS2kGLaYLGU56BdP1Lv4ZiZcr61CrqqXw8rDz6ZNBsg3hh4%2FUjTQMsUX2IAOiOosOY1836GwSChIEOIDWGrtOImXGRG06B"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d5d60000dfdb3b03e000000001
cf-ray
62e040cfbe7ddfdb-FRA
prebid.js
projectagora.net/libs/prebidv3/ Frame 417A 		340 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=owqYDQvOyhIjaLVC1JxUGTxDaNk0Zv7vfnXBuG47ED8xcdxzICoQ7nDDU%2FokBd%2B7d1Ei9aCr6qv0kJYk%2BSJDG34Jgi2JHR5fECIdNUrqTabl07oXIVc0WgVCnuZe"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d5d60000dfdbcea4e000000001
cf-ray
62e040cfbe7edfdb-FRA
prebid.js
projectagora.net/libs/prebidv3/ Frame 4CCD 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=umBAYF0ORdBR8pYZQWjIVAgpcIo6QsU5X3OUD6n7ioXcxqE6UELHqUF70HuR52eui%2BgmFbP7m6AirkjvTyOudLYUrwiR5gQmNwlmwjXTwI76eEQFcj7brJfdD2KR"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d5d70000dfdb27999000000001
cf-ray
62e040cfbe7fdfdb-FRA
prebid.js
projectagora.net/libs/prebidv3/ Frame 3ABA 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z4OG99DPCULCqw%2FERBg64hBaAwazYieaJPizjc1Z4nxAFf%2B0%2BekVyXTbi9ExhNpnDMLlyl0ccfevn75LitwD1LRpQal6q7S4%2BtVdWYrGEpvkTRpUu%2BRXvzaB9U%2FD"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d5d90000dfdb38230000000001
cf-ray
62e040cfce80dfdb-FRA
prebid.js
projectagora.net/libs/prebidv3/ Frame 83D6 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b8gGA82XV9Sas2qS5Ndf3nWERA5CXnv7cwgJBL1BDxKOL3bChXyFlbLIiik9MPRTYcZ53BsppIww2%2BicHTea2NUlMWmtzXied3qKLZz%2F0G8U%2F%2Fa17Wm46KbUnO2V"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d60f0000dfdb3b03f000000001
cf-ray
62e040d01ea3dfdb-FRA
prebid.js
projectagora.net/libs/prebidv3/ Frame C974 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=7502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7N%2B%2B18f3uGpYMFkmcK1oc55ariHPMUR%2B%2FLqK0fYP6GZRUicCGKfonb1ThgUnJWBtsqUKk26FenTTwwdAVQWB4P10sNtXvg8N6%2FW1GLY9X%2FuUKz4ot3c1KiMjE2eB"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d6180000dfdb2a027000000001
cf-ray
62e040d02ea7dfdb-FRA
css
fonts.googleapis.com/ Frame DFB7 		2 KB
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 22:31:55 GMT
server
ESF
date
Wed, 10 Mar 2021 23:16:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Mar 2021 23:16:51 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame DFB7 		2 KB
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
HIT
age
2563
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006d8120000edaf08ac6000000001
cf-ray
62e040d35f59edaf-CDG
Adchoices.svg
cdn.mgid.com/images/logos/ Frame DFB7 		836 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
HIT
age
2562
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006d8130000edaf8e2dd000000001
cf-ray
62e040d35f5bedaf-CDG
truncated
/ Frame DFB7 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cmp
spl.zeotap.com/ Frame 1EEF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=434f7115-f90a-405e-72e5-7d33c931cc4f&uc=2&zdid=1258&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d52e71b6-7865-4691-51fa-468f255a2381; zsc=j%0E%22e%06%CFB%0E%8FS%3D%970%BCz%DDs%92%10%13p%B7%DF%08p%AA-%94%C8c%C20%A5%00%3E%83Q0%80%F5%26%E6%D4%11%CFw%19%95%01%C9%F39%D7%A0%29Q%AC%A9%AD%5EAm%95%EDP%C7f%3D%E4%EC8%F6%06%07bf%D6%93%93%A7%F8%F3%02%B1%13b%BF%0AT%8A%B2%A0%B9%2F%F2%F6%22%81%C7%BA%A0%7CeV%EB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
set-cookie
__cfduid=dd620eb9984c292f3dad1427bc2d195691615418211; expires=Fri, 09-Apr-21 23:16:51 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006d67700004a7a70195000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040d0b9574a7a-FRA
prebid.js
projectagora.net/libs/prebidv3/ Frame 919C 		340 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4R0R8M3RFX1K3M6J
x-amz-id-2
cY+LYUGA0UVz2xCUwuXl8aH/SeZRIakgAX2yJJyDaxmCJveMpP9rXPl55xgIa56U5uPt4ydlQ90=
last-modified
Mon, 25 Jan 2021 09:50:38 GMT
server
cloudflare
etag
W/"38d394b5cb15b8a0418e659303132aeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BDG69YWt7E211EPLGTWoizyvjT3Za7rmyprgffBz7l6gF91T%2FiQbrlzfXfLUFoa25PHzv7pkeUncoCVomKcuP4J8LHFZKFXQE%2F64IXN1p7nQJzh1Ymr4uRDc5Nn3"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
08c006d6780000dfdbfeb2e000000001
cf-ray
62e040d0bef4dfdb-FRA
headerstats
as-sec.casalemedia.com/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.botasot.info%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:52 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 10 Mar 2021 23:16:52 GMT
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 5818 		400 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df274cb7355266e%26domain%3Dwww.botasot.info%26origin%3Dhttps%253A%252F%252Fwww.botasot.info%252Ff711a0b6122dfc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbotasot.net%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df274cb7355266e%26domain%3Dwww.botasot.info%26origin%3Dhttps%253A%252F%252Fwww.botasot.info%252Ff711a0b6122dfc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbotasot.net%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
e6l2ON0srT6bv/3reeRfqwRfrkbxAuk/P1NaL9UP6vQw6jhC0dYy3eXbQWwWW5ST3YwrtQHcFZC/SMDDPenc5g==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Tue, 02 Mar 2021 19:44:29 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
400
x-fb-rlafr
0
expires
Wed, 02 Mar 2022 19:44:29 GMT
xYGWzhPAP02.js
www.facebook.com/rsrc.php/v3iEpO4/yF/l/en_US/ Frame 5818 		479 KB
124 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yF/l/en_US/xYGWzhPAP02.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df274cb7355266e%26domain%3Dwww.botasot.info%26origin%3Dhttps%253A%252F%252Fwww.botasot.info%252Ff711a0b6122dfc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbotasot.net%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8c4508c688e17fb2e0d8489e0039d88f29ebbd6eb5aaf5e7183299d1a1af8294
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df274cb7355266e%26domain%3Dwww.botasot.info%26origin%3Dhttps%253A%252F%252Fwww.botasot.info%252Ff711a0b6122dfc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbotasot.net%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 20:00:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YrteqC6gpDdOOPCbWQRhkg==
cross-origin-resource-policy
cross-origin
content-length
126335
x-fb-rlafr
0
x-fb-debug
1lpq49yeYe/QHroNceuEVZmSy7Pz5X6VanL+gYz22GKPIN2XQ0TFtExkqndB7dcvniM9dIePmr6tQaGA61cSoA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 10 Mar 2022 20:00:46 GMT
css
fonts.googleapis.com/ Frame C6F8 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bef68150a61b79f71c0f81f23efe27a78da8f6e60e0f188d378b407f9276225a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 22:34:04 GMT
server
ESF
date
Wed, 10 Mar 2021 23:16:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Mar 2021 23:16:52 GMT
css
fonts.googleapis.com/ Frame C6F8 		2 KB
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 22:28:34 GMT
server
ESF
date
Wed, 10 Mar 2021 23:16:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Mar 2021 23:16:52 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame C6F8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.94395.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
HIT
age
2563
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006d7db0000edafab3bc000000001
cf-ray
62e040d2fedfedaf-CDG
Adchoices.svg
cdn.mgid.com/images/logos/ Frame C6F8 		836 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.94395.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
HIT
age
2562
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006d7db0000edaff9bd3000000001
cf-ray
62e040d2fedeedaf-CDG
truncated
/ Frame C6F8 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.1079095.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
HIT
age
2563
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006d8240000edaff5b05000000001
cf-ray
62e040d36f84edaf-CDG
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.1079095.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
HIT
age
2562
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006d82d0000edaf18b3a000000001
cf-ray
62e040d37f94edaf-CDG
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5af0e9a1724a015590aef7e4400e45930d8c7d314d587e0732c5a60053be9953

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame 211F 		2 KB
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 22:33:29 GMT
server
ESF
date
Wed, 10 Mar 2021 23:16:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Mar 2021 23:16:52 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame 211F 		2 KB
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
HIT
age
2563
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006d82f0000edaf0f29c000000001
cf-ray
62e040d37fa1edaf-CDG
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 211F 		836 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
HIT
age
2562
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006d8410000edafd08c7000000001
cf-ray
62e040d39fd0edaf-CDG
truncated
/ Frame 211F 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
servicer.mgid.com/283092/ Frame DFB7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/283092/1?w=0&h=-1&wrongImageSize=1&p1_w=0&p1_h=0&cols=1&pv=5&cbuster=1615418212240953513578&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.botasot.info%2F&lu=https%3A%2F%2Fwww.botasot.info%2F&pageView=1&pvid=1781e6dbf9093b6788f&implVersion=10&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd26c0ae713e171a6d75b9235c3944689d036841a2f1edc820c1a72ccea2085a

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040d3afe9edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d84a0000edaff9bd9000000001
botasot.info.js
ghb.adtcontent.com/prebidmg/448727/ Frame DFB7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghb.adtcontent.com/prebidmg/448727/botasot.info.js?cb=448727
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a88c3560e787ff0cdf0b548468e46c0c812a140fec9bcdb438587e3b5ce5eef6

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Length
1572
Content-Type
application/javascript; charset=UTF-8
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame 7BA8 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:29:05 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2868
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
oGf6SwBFyaj8_rJ2wc2mi_H_B8ZN-JLZOoDVrhOthDwcKC3XyQ-Liw==
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame EC81 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:29:05 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2868
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
PrRewPGSWBWb_zoo4zTQ-siIko4-n8BNngro7QXHT6JGtlLYnZLWzQ==
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame 827E 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:29:05 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2868
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
vnisipXDcMClBiJRs07BXsdkhH_xPtSI0eQEu-2XWlm37281VZruGw==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C6F8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.botasot.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
12261
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 10 Mar 2022 19:52:31 GMT
1
servicer.mgid.com/94395/ Frame C6F8 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/94395/1?w=660&h=496&p4_w=213&p4_h=207&cols=3&pv=5&cbuster=1615418212308897696306&ogtitle=Bota%20Sot&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.botasot.info%2F&lu=https%3A%2F%2Fwww.botasot.info%2F&pageView=0&pvid=1781e6dbfd58294af3e&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.94395.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3a118b06aa8d3d2250d7373110715acf2b4baccddab94f98cf34cb9fbe2ec0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040d3c80aedaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d85c0000edaff5b07000000001
850x636_Untitled1615407688.jpg
www.botasot.info/media/botasot.info/images/2021/March/10/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/media/botasot.info/images/2021/March/10/850x636_Untitled1615407688.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1272fec548bf374a77e52acbb5a9716ae823f7dffcb81cd6baf2acbcdbbed7da

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d7d800004e0849318000000001
pragma
private
last-modified
Wed, 10 Mar 2021 20:21:30 GMT
server
cloudflare
etag
W/"60492a4a-f60f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MauSNd357hcaIAVHUBN3ODG1X4iw2F61iX5EGti9WQvUFDalyEXlVb8xpPNMec8f2EPgj0rICi4h%2Fc37rNygBJlhuGHPMfM2eCsWSfU%2F8Txf%2BRDoZNf9nYFqnJBR"}]}
content-type
image/jpeg
cache-control
max-age=3600, private
cf-ray
62e040d2ffe54e08-FRA
expires
Thu, 11 Mar 2021 00:18:23 GMT
850x636_auto_VESELITHAQ15972554771615409523.jpg
www.botasot.info/media/botasot.info/images/2021/March/10/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/media/botasot.info/images/2021/March/10/850x636_auto_VESELITHAQ15972554771615409523.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
273a9b4657282328103262613bfa245689397a7d1883de593a26c1a24652b56d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d7d800004e085b043000000001
pragma
private
last-modified
Wed, 10 Mar 2021 20:52:07 GMT
server
cloudflare
etag
W/"60493177-10d11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8HE7DslRtM5ny2FMKkFylZIe0Ya8oPn4yx4EG%2BsxfGgNmMQfMkECjL%2BW3xMr%2FyfF6d4ATR61Tq4jvF1DdzmueZqMYlAVV%2BoL1eJ5yu7bX7t40kVtm3cLx9diDIGx"}]}
content-type
image/jpeg
cache-control
max-age=3600, private
cf-ray
62e040d2ffe74e08-FRA
expires
Thu, 11 Mar 2021 00:18:23 GMT
850x636_ASTRIT-GASHI1615409233.png
www.botasot.info/media/botasot.info/images/2021/March/10/ 		205 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/media/botasot.info/images/2021/March/10/850x636_ASTRIT-GASHI1615409233.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d06b73b6f816c0b28d283051c827b23f3fcd5aa396e4c36f7c0cb73eea3afa4b

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d7d900004e08101da000000001
pragma
private
last-modified
Wed, 10 Mar 2021 20:47:19 GMT
server
cloudflare
etag
W/"60493057-333f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MGt8Ie6rNYCNU0al%2BCabk8SEoklPDuZdQQJC3kYxk7L2eg%2BLQ2r64qMtlfmpVmGYof82TRWpDfLnPEKal%2FBK9xFIFo8NB5uY501dl8CCDGgY1wVyh94l8mjv%2BDPT"}]}
content-type
image/png
cache-control
max-age=3600, private
cf-ray
62e040d2ffed4e08-FRA
expires
Thu, 11 Mar 2021 00:18:23 GMT
850x636_auto_albulena-haxhiu-116099539451612378117.jpg
www.botasot.info/media/botasot.info/images/2021/February/03/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/media/botasot.info/images/2021/February/03/850x636_auto_albulena-haxhiu-116099539451612378117.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f32b24dcc0307ecfcecec5ede1120f0ef90aefa69fcbed6843f45d4c5d6681b3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d7da00004e08239ce000000001
pragma
private
last-modified
Wed, 03 Feb 2021 18:48:39 GMT
server
cloudflare
etag
W/"601af007-b404"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=222f6fC8eQFMck1G5w3ZJB00abxSCYq8qG1TWcxnUt0ACVZEBeIUw%2B%2FiijlQu%2FAX5VXeZsNMQOTyFYjvmPBxYwxcc%2Fb%2FJsnCxFcl8z7m5vBAhygVVbVgZ1%2BIhgV9"}]}
content-type
image/jpeg
cache-control
max-age=3600, private
cf-ray
62e040d2ffef4e08-FRA
expires
Thu, 11 Mar 2021 00:18:23 GMT
850x636_aslam1615411327.jpg
www.botasot.info/media/botasot.info/images/2021/March/10/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/media/botasot.info/images/2021/March/10/850x636_aslam1615411327.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f5c32cf5266d345f49cb96a07afbd099d2814a540d7bfcff3c641cd8b0d7d8c

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d7da00004e0843879000000001
pragma
private
last-modified
Wed, 10 Mar 2021 21:22:10 GMT
server
cloudflare
etag
W/"60493882-c55a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dwxURm3NpM8dC3WswLvKpC1O9dApaP9xbV%2BG1xuXBkqlvQqLH6VWOOmOsMz41dCaW2GXzTun5UhHNpEPUpTsKkWurzkJti9uTEwKkUEoN8mcQEFra5yv7Qe6xusQ"}]}
content-type
image/jpeg
cache-control
max-age=3600, private
cf-ray
62e040d2fff24e08-FRA
expires
Thu, 11 Mar 2021 00:18:23 GMT
850x636_fatmir-780x439-11615413299.jpg
www.botasot.info/media/botasot.info/images/2021/March/10/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.botasot.info/media/botasot.info/images/2021/March/10/850x636_fatmir-780x439-11615413299.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ca88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c286cdd59541edb5d17c058b78afea71a3d2e4092e997fbe777667d1813bd097

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d7da00004e08309f7000000001
pragma
private
last-modified
Wed, 10 Mar 2021 21:55:01 GMT
server
cloudflare
etag
W/"60494035-8c7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4lmIwzUiWt0e7tMXZDoCSTHVB%2FHs1%2F5yEaDc2bUAZQrdeKkX%2FRtyeJ82%2BjzqJnbwgj7WBh9G64ZspEJclwuxNKgrD2v4PbDwirJI2BxIwj8R9VDJeMfQ0lwqygW0"}]}
content-type
image/jpeg
cache-control
max-age=3600, private
cf-ray
62e040d2fff44e08-FRA
expires
Thu, 11 Mar 2021 00:18:23 GMT
fire.js
s.cpx.to/ Frame 7BA8 		950 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9f9f9a6b812cbaa9976464f789b49cf8ce38a49eccad330c648dee224848a0e7
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:52 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
950
Expires
Fri, 05 Mar 2021 13:41:57 GMT
1
servicer.mgid.com/1079095/ 		986 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1079095/1?w=994&h=278&cols=1&pv=5&cbuster=161541821237286890867&uniqId=12232&consentData=&gdprApplies=false&uspString=&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.botasot.info%2F&lu=https%3A%2F%2Fwww.botasot.info%2F&pageView=0&pvid=1781e6dc014b374a6c1&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.1079095.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
758533be412e03c5283cfe06d6c8920eb2829b0184788e7b63624271c7df50d5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040d42882edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d89d0000edafa72f6000000001
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame 632A 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:29:05 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2868
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
NXd7IB5v0cs69_zm4mR5rN3v0VHsZCc7pGekywis5ZUbUxsbn8KKKw==
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame E12B 		1 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:29:05 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2868
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
zSm-lGLaWxHJ3oFIX9mxqjv3If-fZbZlZgJQ4hRrqLvDtExykSh5-w==
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame E8AF 		1 KB
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:29:05 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2868
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
GPV6BEVpgWgkQYqSFcRmve5EufY1fbTx5jzSUEr7fQzWfkWsVoVrNA==
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame FDF6 		1 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:29:05 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2868
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
4xj65m_qZvNJNXNgzJXkE3YIHb4lGVBOi0ZeWIBAPJyUsnUELGwPwQ==
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 211F 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.botasot.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 12:56:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
555621
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 04 Mar 2022 12:56:31 GMT
xYGWzhPAP02.js
www.facebook.com/rsrc.php/v3iEpO4/yF/l/en_US/ Frame 5818 		479 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yF/l/en_US/xYGWzhPAP02.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df274cb7355266e%26domain%3Dwww.botasot.info%26origin%3Dhttps%253A%252F%252Fwww.botasot.info%252Ff711a0b6122dfc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbotasot.net%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8c4508c688e17fb2e0d8489e0039d88f29ebbd6eb5aaf5e7183299d1a1af8294
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df274cb7355266e%26domain%3Dwww.botasot.info%26origin%3Dhttps%253A%252F%252Fwww.botasot.info%252Ff711a0b6122dfc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbotasot.net%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 20:00:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YrteqC6gpDdOOPCbWQRhkg==
cross-origin-resource-policy
cross-origin
content-length
126335
x-fb-rlafr
0
x-fb-debug
1lpq49yeYe/QHroNceuEVZmSy7Pz5X6VanL+gYz22GKPIN2XQ0TFtExkqndB7dcvniM9dIePmr6tQaGA61cSoA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 10 Mar 2022 20:00:46 GMT
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
monitoring-f88bae3.js
cdn.pbstck.com/ Frame 7BA8 		154 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/monitoring-f88bae3.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f1b20a8f-5831-4b2a-a511-821ecd3a61e4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d2f83a5752f02c084569894069e3229b27d301b972aac208bf51ebe286e0636

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
HIT
age
121833
x-guploader-uploadid
ABg5-UzMgCvXv-SYxX-eVxKnxr6L1cvdxDtN0ZhD93Ezj8wiZ15cQk6tX-qDLHHy7BVy56bljwd0ILi4DBeJ1HwVCCay_sEHeQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d8bb00004a927bba4000000001
last-modified
Tue, 09 Mar 2021 13:25:56 GMT
server
cloudflare
etag
W/"3e2e4b4297216619aef110d2db367feb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=shBHQw==, md5=Pi5LQpchZhmu8RDS2zZ/6w==
x-goog-generation
1615296356794674
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
44531
cf-ray
62e040d45c444a92-FRA
expires
Tue, 16 Mar 2021 13:26:08 GMT
1
servicer.mgid.com/283092/ Frame 211F 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/283092/1?w=300&h=250&p1_w=300&p1_h=250&cols=1&pv=5&cbuster=1615418212515280257096&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fwww.botasot.info%2F&lu=https%3A%2F%2Fwww.botasot.info%2F&pageView=0&pvid=1781e6dc0a38267bcbe&implVersion=10&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13980a32f2e750758427b9bcd160f7753dccafc27d62a3b502b4518903f839ed

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040d49913edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006d8e20000edaf04905000000001
botasot.info.js
ghb.adtcontent.com/prebidmg/448727/ Frame 211F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghb.adtcontent.com/prebidmg/448727/botasot.info.js?cb=448727
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
7025d427e0a275e4217b38aa21de8bdcc643cfa966920124b631d3ffa484384d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Length
1572
Content-Type
application/javascript; charset=UTF-8
fire.js
s.cpx.to/ Frame EC81 		950 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
31544b94955c836ce2145a4e9ec93d95775472568fee0f6c409a085cdec7fc93
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:52 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
950
Expires
Fri, 05 Mar 2021 13:41:57 GMT
rid
match.adsrvr.org/track/ Frame 7BA8 		108 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e0ebab0601f663441faea3d22d4cce4d5d03f97b2d19d201b38280f3b270ca59

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.botasot.info
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 09 Apr 2021 23:16:52 GMT
identity
api.rlcdn.com/api/ Frame 7BA8 		44 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
googleads.g.doubleclick.net/pagead/ Frame 1ACC 		113 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/34a43f74/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e71a50826f971e7f413fa835283e667b2974dfb57b02046c1f453f9b91f74d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 1ACC 		29 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/34a43f74/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
825
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:18:07 GMT
identity
api.rlcdn.com/api/ Frame EC81 		44 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ Frame EC81 		108 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e0ebab0601f663441faea3d22d4cce4d5d03f97b2d19d201b38280f3b270ca59

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.botasot.info
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 09 Apr 2021 23:16:52 GMT
id
googleads.g.doubleclick.net/pagead/ Frame C449 		113 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6029b0b41c1f09b53038f3fd83bb1f518edf893e1cda64d768bfd0f854006e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame C449 		29 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
825
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:18:07 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 7BA8 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33587
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 13:57:05 GMT
notifyme.php
adtrack.adleadevent.com/ 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.121.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-121-94.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 23:16:52 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fire.js
s.cpx.to/ Frame 827E 		950 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1764a82180924aaadac3765a627e47f63b83b87f8e3bdb9a040c159527b6e017
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:52 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
950
Expires
Wed, 10 Mar 2021 11:49:41 GMT
identity
api.rlcdn.com/api/ Frame 827E 		44 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ Frame 827E 		108 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e0ebab0601f663441faea3d22d4cce4d5d03f97b2d19d201b38280f3b270ca59

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.botasot.info
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 09 Apr 2021 23:16:52 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame EC81 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33587
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 13:57:05 GMT
fire.js
s.cpx.to/ Frame 632A 		950 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9f01aa1a6c52531759ce3f7b63067d4e8997005b19e5f49c29cc3cf71faebb33
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:52 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
950
Expires
Wed, 10 Mar 2021 11:49:41 GMT
identity
api.rlcdn.com/api/ Frame 632A 		44 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ Frame 632A 		108 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e0ebab0601f663441faea3d22d4cce4d5d03f97b2d19d201b38280f3b270ca59

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.botasot.info
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 09 Apr 2021 23:16:52 GMT
fire.js
s.cpx.to/ Frame E12B 		950 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e52e0f2325c14b8cb9909df543d8b399c48a791c617f74a3cc52ae279108cb15
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:52 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
950
Expires
Wed, 10 Mar 2021 11:49:35 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 1E92 		113 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f4f066ce39090186721f11f9a16e21a70ff3804537e3b018f36af4dc0304ead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 1E92 		29 B
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
825
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:18:07 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 7CAD 		113 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dea197afb1c70ebecb116eee2aaea9c307b09907b27ac0858c471e73ac067a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 7CAD 		29 B
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
825
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:18:07 GMT
remote.js
www.youtube.com/s/player/34a43f74/player_ias.vflset/en_US/ Frame 1ACC 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/34a43f74/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/34a43f74/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d147cda91ae12ae7b9c6fc3510b7e940516bfd536c1a7ecc4c1f5b2964bf6ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 15:46:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 01:18:19 GMT
server
sffe
age
113398
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32709
x-xss-protection
0
expires
Wed, 09 Mar 2022 15:46:54 GMT
9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
www.google.com/js/bg/ Frame 1ACC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/34a43f74/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 04:06:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
587418
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6189
x-xss-protection
0
expires
Fri, 04 Mar 2022 04:06:34 GMT
embed.js
www.youtube.com/s/player/34a43f74/player_ias.vflset/en_US/ Frame 1ACC 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/34a43f74/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/34a43f74/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24fe3ad971af59050eb81aa1bd8c1dae7e011f339e5d6edd0c9d189c6b06525f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 15:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 01:18:19 GMT
server
sffe
age
113381
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
expires
Wed, 09 Mar 2022 15:47:11 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame C449 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
34109
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Thu, 10 Mar 2022 13:48:23 GMT
9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
www.google.com/js/bg/ Frame C449 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 04:06:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
587418
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6189
x-xss-protection
0
expires
Fri, 04 Mar 2022 04:06:34 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame C449 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 17:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
19437
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Thu, 10 Mar 2022 17:52:56 GMT
truncated
/ Frame 1ACC 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnhF9VF6spnRuVWn3gqjfPrPvt0pLSsk4PP0G3uXOw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1ACC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnhF9VF6spnRuVWn3gqjfPrPvt0pLSsk4PP0G3uXOw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1b83f5fd9991bf6c2f06a891c98e29bc2d288f1ffcb446e9000c6ed0e5bd7404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:28:02 GMT
x-content-type-options
nosniff
age
2931
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2978
x-xss-protection
0
server
fife
etag
"vb6c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 11 Mar 2021 18:27:59 GMT
sddefault.webp
i.ytimg.com/vi_webp/rxgNYXR3a94/ Frame 1ACC 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/rxgNYXR3a94/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25a923552c5f1d2513278b51856b92dfcc3d4b2a4c59582ce68adab5ae6c46ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"0"
vary
Origin
content-type
image/webp
cache-control
public, max-age=300
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31964
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:21:53 GMT
truncated
/ Frame C449 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnhF9VF6spnRuVWn3gqjfPrPvt0pLSsk4PP0G3uXOw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C449 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnhF9VF6spnRuVWn3gqjfPrPvt0pLSsk4PP0G3uXOw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1b83f5fd9991bf6c2f06a891c98e29bc2d288f1ffcb446e9000c6ed0e5bd7404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:28:02 GMT
x-content-type-options
nosniff
age
2931
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2978
x-xss-protection
0
server
fife
etag
"vb6c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 11 Mar 2021 18:27:59 GMT
sddefault.webp
i.ytimg.com/vi_webp/4gEeW7D-q48/ Frame C449 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/4gEeW7D-q48/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2393698989d639d5e3f33868ffbd0c2469d4af8bb06ce51e928771d6f1ffcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"0"
vary
Origin
content-type
image/webp
cache-control
public, max-age=300
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31952
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:21:53 GMT
identity
api.rlcdn.com/api/ Frame E12B 		44 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ Frame E12B 		108 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1d9a2f4153993aa7399a97b268adefd70e34c943e670f26394e88ef45e6b9e00

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.botasot.info
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 09 Apr 2021 23:16:53 GMT
fire.js
s.cpx.to/ Frame E8AF 		950 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
17c7db1ce8195c6b484a4ef6f8897799a352373cbb6fbb4909e03a0115a57ba7
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
950
Expires
Wed, 10 Mar 2021 11:49:35 GMT
rid
match.adsrvr.org/track/ Frame E8AF 		108 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1d9a2f4153993aa7399a97b268adefd70e34c943e670f26394e88ef45e6b9e00

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.botasot.info
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 09 Apr 2021 23:16:53 GMT
identity
api.rlcdn.com/api/ Frame E8AF 		44 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
alt-svc
clear
content-length
44
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 827E 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33588
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 13:57:05 GMT
fire.js
s.cpx.to/ Frame FDF6 		950 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=12565106-853d-45e0-a3e1-3c14ee960593
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2227599193b520d63eb990b76c4f05c59a80d0d497ec5cf659fab8c7ee7a1507
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
950
Expires
Fri, 05 Mar 2021 13:41:57 GMT
headerstats
as-sec.casalemedia.com/ Frame 7BA8 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.botasot.info%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 10 Mar 2021 23:16:53 GMT
rid
match.adsrvr.org/track/ Frame FDF6 		108 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1d9a2f4153993aa7399a97b268adefd70e34c943e670f26394e88ef45e6b9e00

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.botasot.info
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 09 Apr 2021 23:16:53 GMT
identity
api.rlcdn.com/api/ Frame FDF6 		44 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
alt-svc
clear
content-length
44
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 632A 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33588
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 13:57:05 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame E12B 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33588
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 13:57:05 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 1E92 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
34110
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Thu, 10 Mar 2022 13:48:23 GMT
aiakLxCh6SfyRAu_XRdI5jYdZht5unCK3398XpSkxAU.js
www.google.com/js/th/ Frame 1E92 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/aiakLxCh6SfyRAu_XRdI5jYdZht5unCK3398XpSkxAU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a26a42f10a1e927f2440bbf5d1748e6361d661b79ba708adf7f7c5e94a4c405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 16:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
24054
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14201
x-xss-protection
0
expires
Thu, 10 Mar 2022 16:35:59 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 1E92 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 17:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
19437
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Thu, 10 Mar 2022 17:52:56 GMT
truncated
/ Frame 1E92 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnhF9VF6spnRuVWn3gqjfPrPvt0pLSsk4PP0G3uXOw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1E92 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnhF9VF6spnRuVWn3gqjfPrPvt0pLSsk4PP0G3uXOw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1b83f5fd9991bf6c2f06a891c98e29bc2d288f1ffcb446e9000c6ed0e5bd7404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:28:02 GMT
x-content-type-options
nosniff
age
2931
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2978
x-xss-protection
0
server
fife
etag
"vb6c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 11 Mar 2021 18:27:59 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/9F-ijnSdWwE/ Frame 1E92 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/9F-ijnSdWwE/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
413d1019b37732044f169dfc84520226181ab3a63e324e1e630ee110ef76d27d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:13:31 GMT
x-content-type-options
nosniff
server
sffe
age
202
etag
"0"
vary
Origin
content-type
image/webp
cache-control
public, max-age=300
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84226
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:18:31 GMT
remote.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 7CAD 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
34110
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32703
x-xss-protection
0
expires
Thu, 10 Mar 2022 13:48:23 GMT
aiakLxCh6SfyRAu_XRdI5jYdZht5unCK3398XpSkxAU.js
www.google.com/js/th/ Frame 7CAD 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/aiakLxCh6SfyRAu_XRdI5jYdZht5unCK3398XpSkxAU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a26a42f10a1e927f2440bbf5d1748e6361d661b79ba708adf7f7c5e94a4c405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 16:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
24054
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14201
x-xss-protection
0
expires
Thu, 10 Mar 2022 16:35:59 GMT
embed.js
www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/ Frame 7CAD 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 17:52:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 01:18:06 GMT
server
sffe
age
19437
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
expires
Thu, 10 Mar 2022 17:52:56 GMT
tracking
ghb.adtelligent.com/adunit/ Frame DFB7 		43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ghb.adtelligent.com/adunit/tracking?site_id=7156&client_id=303941&event=22&type=0&adid=3B6AB6F5B8D89277&vpbv=1.0&pubbid=0.08&subtype=0
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:53 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
i.js
cm.mgid.com/ Frame DFB7 		1 KB
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1615418213221460096578
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e8c56ad0b89c4d18ca24c3f99cfc6db667001a8aedf38727e13839c640b2e91

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
ee0578b4-e02e-458d-bb9b-a60338f1a59d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040d8ae35edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006db6d0000edaf1a2b8000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame 921E 		19 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=16154182132248754032
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
14485929-9464-4cd3-8f46-12c882ba6281
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040d8be3bedaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006db6f0000edafde8e3000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x328/0x0x1001x667/ Frame 66DE 		21 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s-img.mgid.com/g/8164884/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1615418212-WzZqK69leiMPqCKVlZ0jOF-PEzuo6EoVIrOjHGZMJ0M
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416ad5ca4d012266fa88ed4a3941d48cb2638e931a9634b4de9434abf2e7572e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
HIT
x-mg-request-uuid
fca7d1b6-ac8f-4690-9594-d59b6b1fc777
age
2626438
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21184
cf-request-id
08c006db9f0000086f25366000000001
last-modified
Mon, 08 Feb 2021 10:20:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62e040d8fcdb086f-CDG
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame DFB7 		2 KB
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
HIT
age
2564
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006db730000edaff5b2d000000001
cf-ray
62e040d8be4aedaf-CDG
Adchoices.svg
cdn.mgid.com/images/logos/ Frame DFB7 		836 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
HIT
age
2563
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006dbac0000edafd01f5000000001
cf-ray
62e040d91ed5edaf-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x328/0x0x1001x667/ Frame DFB7 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1615418212-WzZqK69leiMPqCKVlZ0jOF-PEzuo6EoVIrOjHGZMJ0M
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416ad5ca4d012266fa88ed4a3941d48cb2638e931a9634b4de9434abf2e7572e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
HIT
x-mg-request-uuid
2834b0e0-f884-4a1c-88a7-c089645ceba0
age
2638501
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21184
cf-request-id
08c006dbb80000edafe2be7000000001
last-modified
Mon, 08 Feb 2021 10:20:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62e040d92eefedaf-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x328/0x0x1001x667/ Frame 66DE 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1615418212-WzZqK69leiMPqCKVlZ0jOF-PEzuo6EoVIrOjHGZMJ0M
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416ad5ca4d012266fa88ed4a3941d48cb2638e931a9634b4de9434abf2e7572e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
HIT
x-mg-request-uuid
2834b0e0-f884-4a1c-88a7-c089645ceba0
age
2638501
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21184
cf-request-id
08c006db910000edafb0ade000000001
last-modified
Mon, 08 Feb 2021 10:20:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62e040d8ee8aedaf-CDG
cavalry_endpoint.php
www.facebook.com/common/ Frame 5818 		67 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1615418211995&t_start=1615418211995&t_domcontent=1615418212238&t_layout=1615418213226&t_onload=1615418213226&t_paint=1615418213226&t_creport=1615418213227&t_tti=1615418212238&lid=6938168387646728826-0
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v2.6/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df274cb7355266e%26domain%3Dwww.botasot.info%26origin%3Dhttps%253A%252F%252Fwww.botasot.info%252Ff711a0b6122dfc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbotasot.net%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
6RsCvDqBQZnB5fDsd7shA5d6mkfh/cRfz0xSHipytuR+MPsAOZtDoJOY2uJScXjCv0r4fbazNR8TCFDK5rRclw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 10 Mar 2021 23:16:53 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame E8AF 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33588
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 13:57:05 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.1079095.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
HIT
age
2564
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006dbb90000edafad16f000000001
cf-ray
62e040d92ef1edaf-CDG
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.1079095.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
HIT
age
2563
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006dbbc0000edaf8f2d2000000001
cf-ray
62e040d92efcedaf-CDG
i.js
cm.mgid.com/ 		1 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1615418213262226018185
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.1079095.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3bfe07e2a8c59c831a42b7c2a9205f1c5af18f53b3a54bbd826f41a976be192

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
b9a6ca95-1f32-4302-948c-d3cbaaf718b4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040d93f09edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006dbc00000edaf91b0d000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame E104 		19 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1615418213266248399360
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.1079095.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
34b19ad1-7827-4146-921a-5da1e0b734ae
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040d93f21edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006dbc80000edafdc3d0000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2I0MWU3ZTY0MDJhNzY1YzcxNDk5ZmE4ZGI4ZTM3YmUxLmpwZWc.webp
s-img.mgid.com/g/8193492/300x200/0x0x728x485/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193492/300x200/0x0x728x485/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2I0MWU3ZTY0MDJhNzY1YzcxNDk5ZmE4ZGI4ZTM3YmUxLmpwZWc.webp?v=1615418212-xzPRiBuxF2i05fSR4tIJ50xYOn-bBkiMdnqFabHBrqw
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc72914d31d4b58dfa84644e01dc03945ffa0a66bc80920f09d30efd882ec557

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
HIT
x-mg-request-uuid
72425351-d165-4a7f-83ab-203487a68774
age
2471296
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11224
cf-request-id
08c006dbda0000edafbfbbd000000001
last-modified
Wed, 10 Feb 2021 07:24:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62e040d95f5eedaf-CDG
tracking
ghb.adtelligent.com/adunit/ Frame 211F 		43 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ghb.adtelligent.com/adunit/tracking?site_id=7156&client_id=303941&event=22&type=0&adid=3B6AB6F5B8D89378&vpbv=1.0&pubbid=0.08&subtype=0
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:53 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
ca.png
s.cpx.to/ Frame 7BA8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6
  • https://s.cpx.to/ca.png?dsp=dbm&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
token.rubiconproject.com/ Frame 7BA8 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=17d982ffc037fa96&gdpr=0
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/ Frame 7BA8
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:53 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6
Date
Wed, 10 Mar 2021 23:16:52 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
an_fire
s.cpx.to/ Frame 7BA8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:53 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.8:80
AN-X-Request-Uuid
ccbe1b23-3855-443f-b6f2-7446f105e54c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=2224c521-ab61-46d8-8ed7-e59969e2b4d6
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/ Frame 7BA8
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6&cklb=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D2224c521-ab61-46d8-8ed7-e59969e2b4d6&cklb=1
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
s.cpx.to/ Frame 7BA8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
95 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
sync
pool.grid-data.bidswitch.net/ Frame 7BA8 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.130.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-130-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame 211F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
HIT
age
2564
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006dd1a0000edafa305c000000001
cf-ray
62e040db5a0bedaf-CDG
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 211F 		836 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
HIT
age
2563
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006dd380000edaff39aa000000001
cf-ray
62e040db8a51edaf-CDG
botasot.info.js
player.adtelligent.com/prebidmg/q448727/ Frame 8E1D 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Requested by
Host: ghb.adtcontent.com
URL: https://ghb.adtcontent.com/prebidmg/448727/botasot.info.js?cb=448727
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c52b16607de413e3ad4fdd9e199540fd5593524566397907928265e528b397e7

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 16:22:05 GMT
server
nginx
etag
W/"6048f22d-b5b9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 11 Mar 2021 00:16:53 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
i.js
cm.mgid.com/ Frame 211F 		1 KB
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1615418213282190754115
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
736124086a13e14243b02c63914c3f874e0c19f3324f73cea6d23a4fba0e0d8e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
fc532f66-9595-4cb4-af77-2fe95d71c246
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dcaba3edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006dde80000edaf18b83000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame 1ECC 		19 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1615418213286436757009
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
2bb86313-a95f-4b30-a1d4-3560690b5563
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dccbc9edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006ddfd0000edafdc3ec000000001
server
cloudflare
widget-log
c.mgid.com/ Frame 19FB 		43 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-log?id=283092&d=HeaderBiddingDebug.%20Time%3A%20755.%20DBTimeout%3A%20600.%20RealTimeout%3A%200.%20SSP%3A%20760%20SspBid%3A%200.000053.%20Status%3A%20win.%20Data%3A%20%7B%22width%22%3A300%2C%22height%22%3A250%2C%22adId%22%3A%22890327997562.88%22%2C%22ad%22%3A%22%22%2C%22code%22%3A%22mgBanner_283092_1_1%22%2C%22bid%22%3A0.08%2C%22requestSizes%22%3A%5B300%2C250%5D%2C%22run%22%3A0%7D.&ts=1615418213275
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62e040dcebeeedaf-CDG
access-control-allow-methods
POST, OPTIONS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006de150000edaf0f2f2000000001
truncated
/ Frame 7CAD 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnhF9VF6spnRuVWn3gqjfPrPvt0pLSsk4PP0G3uXOw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7CAD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnhF9VF6spnRuVWn3gqjfPrPvt0pLSsk4PP0G3uXOw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1b83f5fd9991bf6c2f06a891c98e29bc2d288f1ffcb446e9000c6ed0e5bd7404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:28:02 GMT
x-content-type-options
nosniff
age
2931
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2978
x-xss-protection
0
server
fife
etag
"vb6c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 11 Mar 2021 18:27:59 GMT
sddefault.webp
i.ytimg.com/vi_webp/Y0MFQiVVmH4/ Frame 7CAD 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/Y0MFQiVVmH4/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21a84680ef4ffc0ff47d04666ae2115eb53e329c8953428723769801cb90e385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"0"
vary
Origin
content-type
image/webp
cache-control
public, max-age=300
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31558
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:21:53 GMT
headerstats
as-sec.casalemedia.com/ Frame 827E 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.botasot.info%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 10 Mar 2021 23:16:53 GMT
headerstats
as-sec.casalemedia.com/ Frame EC81 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.botasot.info%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 10 Mar 2021 23:16:53 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame C6F8 		2 KB
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.94395.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
HIT
age
2564
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006dbc10000edafe8ac8000000001
cf-ray
62e040d93f0dedaf-CDG
Adchoices.svg
cdn.mgid.com/images/logos/ Frame C6F8 		836 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.94395.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
HIT
age
2563
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cf-request-id
08c006dbc10000edafb0ae1000000001
cf-ray
62e040d93f0fedaf-CDG
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C6F8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.botasot.info
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
188706
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 08 Mar 2022 18:51:47 GMT
i.js
cm.mgid.com/ Frame C6F8 		1 KB
666 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1615418213308704180999
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.94395.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec9005fdc49ada6926660816bf0e41c448d7ee4f59761f6f2186f8963afd3a8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
0d1184f7-5b0b-43df-aeb8-edb3e9855c14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dcfbf9edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006de1b0000edafc1bb7000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame E66F 		19 B
133 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1615418213311861938524
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/botasot.info.94395.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
eab6e084-357e-4486-aefe-68378ab1c381
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dd2c29edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006de380000edafa3069000000001
server
cloudflare
aHR0cHM6Ly9ib3Rhc290LmluZm8vbWVkaWEvYm90YXNvdC5pbmZvL2ltYWdlcy8yMDIxL01hcmNoLzExL2F1dG9fd2pkamRqZDE2MTU0MTc5NTMuanBn.webp
s-img.mgid.com/g/0/492x328/0x0x0x0/ Frame C6F8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x328/0x0x0x0/aHR0cHM6Ly9ib3Rhc290LmluZm8vbWVkaWEvYm90YXNvdC5pbmZvL2ltYWdlcy8yMDIxL01hcmNoLzExL2F1dG9fd2pkamRqZDE2MTU0MTc5NTMuanBn.webp?v=1615418212-pYFrKPNe_Y2aT6S2VELDQ2hWgxjzZFsS3QabvgeKbmI
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6449a4c8c49b4d01fe55e5b47371ba54df9858c6c8bff260d3d500ac24e932

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 23:15:53 GMT
x-mg-request-uuid
8538125c-f444-434c-82d8-c36c6efb64eb
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62e040d94f41edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6180
cf-request-id
08c006dbce0000edafd5214000000001
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81N2FjZDYwMGU3ODUyY2I1Z...
s-img.mgid.com/g/8164827/492x328/-/ Frame C6F8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164827/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81N2FjZDYwMGU3ODUyY2I1ZjMzMGUwMGIwMjYzN2U1My5qcGc.webp?v=1615418212-JqWamQdwAvJXVD98foEEYLSPI--Y0loBaFedR6U4P6M
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
153232d7a63e1f452827ba72a1fddd4b964a322ae067c29301c4cede21f0d043

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
HIT
x-mg-request-uuid
55f67ad5-3bd7-4e4b-bec4-357fc635dd35
age
2637779
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6014
cf-request-id
08c006dbcf0000edafcc0bb000000001
last-modified
Mon, 08 Feb 2021 10:20:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62e040d94f43edaf-CDG
aHR0cHM6Ly9ib3Rhc290LmluZm8vcHVibGljL2JvdGFzb3QvaW1hZ2VzL2xvZ28ucG5nP3Y9MjYxMTE4MDE0MjI4.webp
s-img.mgid.com/g/0/492x328/0x0x0x0/ Frame C6F8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x328/0x0x0x0/aHR0cHM6Ly9ib3Rhc290LmluZm8vcHVibGljL2JvdGFzb3QvaW1hZ2VzL2xvZ28ucG5nP3Y9MjYxMTE4MDE0MjI4.webp?v=1615418212-f-j3CGhxGLvfs2fx8BqTy24gBQ1mRwWA8M_kXBOhDqY
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0682578b3515e099197d585c16c6860f059c496b34525ba075925027d1d61dfe

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
HIT
x-mg-request-uuid
637d482a-482a-4219-b930-1bf3cd843b3e
age
2481211
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9154
cf-request-id
08c006dbcf0000edaf1a2c0000000001
last-modified
Wed, 10 Feb 2021 06:01:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62e040d94f44edaf-CDG
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2ZjN2ViOTIwMTgzY2VmOGUyMDIzMDQ4OTYxMzlkZDI2LmpwZWc.webp
s-img.mgid.com/g/8164902/492x328/0x35x751x500/ Frame C6F8 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164902/492x328/0x35x751x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2ZjN2ViOTIwMTgzY2VmOGUyMDIzMDQ4OTYxMzlkZDI2LmpwZWc.webp?v=1615418212-x2F6uPcbzP-vYc0-HKibM8_XzSaUuHzvWyIVfo9wPqM
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8d6201a89428a7f81ab11a351314da59096cc21a8908acb78e0b89f7e2d4b2

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
HIT
x-mg-request-uuid
ef48a36b-b634-4cde-af22-79b50d268202
age
2638318
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9918
cf-request-id
08c006dbcf0000edafd08f1000000001
last-modified
Mon, 08 Feb 2021 10:20:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62e040d94f45edaf-CDG
aHR0cHM6Ly9ib3Rhc290LmluZm8vbWVkaWEvYm90YXNvdC5pbmZvL2ltYWdlcy8yMDIxL01hcmNoLzExL2F1dG9fMS03MjE2MTU0MTc4MDcuanBn.webp
s-img.mgid.com/g/0/492x328/0x0x0x0/ Frame C6F8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/0/492x328/0x0x0x0/aHR0cHM6Ly9ib3Rhc290LmluZm8vbWVkaWEvYm90YXNvdC5pbmZvL2ltYWdlcy8yMDIxL01hcmNoLzExL2F1dG9fMS03MjE2MTU0MTc4MDcuanBn.webp?v=1615418212-9oxi20MHb5xWTL6_qHCgPl3Z-qiUlKRN-nL1Nq02Oyo
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e43ae32f5c2326bd2f881e5a9ace23eb793291bb649b76aa925610024513e6b2

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 23:15:53 GMT
x-mg-request-uuid
5ce0469e-9ba5-465a-ba11-ab7fa9c2a937
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62e040d94f47edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9220
cf-request-id
08c006dbcf0000edafde8ea000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp
s-img.mgid.com/g/8164907/492x328/0x119x501x334/ Frame C6F8 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164907/492x328/0x119x501x334/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp?v=1615418212-C4b8eIN3u4cZe0EqAac5JAYlAur7VkL23Z8C0wjpX1E
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21faabc2b83e51ceffe56dac2f5d1525978aad819e708c6fcc613479113e8f3

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
HIT
x-mg-request-uuid
519acabe-7179-43a3-af25-97e4f6a7703c
age
2638365
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27394
cf-request-id
08c006dbcf0000edafe2be9000000001
last-modified
Mon, 08 Feb 2021 10:20:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62e040d94f48edaf-CDG
int_exchange_wages_src.svg
cdn.mgid.com/images/mgid/ Frame C6F8 		855 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/int_exchange_wages_src.svg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf48ab5bd0aa94e42a820a7714971f4e29b680774aac08b4bd0ae1cf21b16167

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 12:16:53 GMT
server
cloudflare
age
2489
etag
W/"8a4c1edaf146a31549d5287a7ab74b63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-id-2
RVQ9qie9JAdjD+gbZMYADB4kvE2O+VC58T+A6HsmOpz4aMMu6kutlD/B3lSipncl2rBG8z0v/8w=
content-type
image/svg+xml
cf-ray
62e040d97f8bedaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
D4C2174C37EADC2E
cf-request-id
08c006dbec0000edaff738d000000001
widget-ssp-performance
c.mgid.com/ Frame C6F8 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=363
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62e040dd4c56edaf-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006de4e0000edaf08b12000000001
sync
s.cpx.to/ Frame EC81
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
95 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
sync
pool.grid-data.bidswitch.net/ Frame EC81 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.130.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-130-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
getuid
sync.smartadserver.com/ Frame EC81
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D10edb21e-a45d-4ffe-a217-7f896d30bf0d
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D10edb21e-a45d-4ffe-a217-7f896d30bf0d&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D10edb21e-a45d-4ffe-a217-7f896d30bf0d&cklb=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D10edb21e-a45d-4ffe-a217-7f896d30bf0d&cklb=1
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
token
token.rubiconproject.com/ Frame EC81 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=17d98039614b7262&gdpr=0
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ca.png
s.cpx.to/ Frame EC81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
  • https://s.cpx.to/ca.png?dsp=dbm&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/ Frame EC81
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D10edb21e-a45d-4ffe-a217-7f896d30bf0d
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.146:80
AN-X-Request-Uuid
1cac3102-7936-4c40-99fe-144a5dbdecd9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/ Frame EC81
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D10edb21e-a45d-4ffe-a217-7f896d30bf0d
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=10edb21e-a45d-4ffe-a217-7f896d30bf0d
Date
Wed, 10 Mar 2021 23:16:52 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame FDF6 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33588
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 13:57:05 GMT
headerstats
as-sec.casalemedia.com/ Frame 632A 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.botasot.info%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 10 Mar 2021 23:16:53 GMT
headerstats
as-sec.casalemedia.com/ Frame E12B 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.botasot.info%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 10 Mar 2021 23:16:53 GMT
token
token.rubiconproject.com/ Frame 827E 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=17d98039614b7262&gdpr=0
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/ Frame 827E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
95 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
sync
pool.grid-data.bidswitch.net/ Frame 827E 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.130.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-130-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
ca.png
s.cpx.to/ Frame 827E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
  • https://s.cpx.to/ca.png?dsp=dbm&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame 827E
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D9b11b7cf-7f52-410e-94b5-24a0a268d14e
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D9b11b7cf-7f52-410e-94b5-24a0a268d14e&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D9b11b7cf-7f52-410e-94b5-24a0a268d14e&cklb=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D9b11b7cf-7f52-410e-94b5-24a0a268d14e&cklb=1
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
an_fire
s.cpx.to/ Frame 827E
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D9b11b7cf-7f52-410e-94b5-24a0a268d14e
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.137:80
AN-X-Request-Uuid
e299103f-8952-4a23-9656-e7ac2a95cb8f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/ Frame 827E
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D9b11b7cf-7f52-410e-94b5-24a0a268d14e
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=9b11b7cf-7f52-410e-94b5-24a0a268d14e
Date
Wed, 10 Mar 2021 23:16:53 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
headerstats
as-sec.casalemedia.com/ Frame E8AF 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.botasot.info%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 10 Mar 2021 23:16:53 GMT
headerstats
as-sec.casalemedia.com/ Frame FDF6 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.botasot.info%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 10 Mar 2021 23:16:53 GMT
token
token.rubiconproject.com/ Frame 632A 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=17d98039614b7262&gdpr=0
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/ Frame 632A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
95 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
sync
pool.grid-data.bidswitch.net/ Frame 632A 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.130.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-130-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
getuid
sync.smartadserver.com/ Frame 632A
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Db98a8c1c-6ed0-413f-8e45-3259281ad139
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Db98a8c1c-6ed0-413f-8e45-3259281ad139&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Db98a8c1c-6ed0-413f-8e45-3259281ad139&cklb=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Db98a8c1c-6ed0-413f-8e45-3259281ad139&cklb=1
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ca.png
s.cpx.to/ Frame 632A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
  • https://s.cpx.to/ca.png?dsp=dbm&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/ Frame 632A
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db98a8c1c-6ed0-413f-8e45-3259281ad139
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
Date
Wed, 10 Mar 2021 23:16:52 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
an_fire
s.cpx.to/ Frame 632A
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3Db98a8c1c-6ed0-413f-8e45-3259281ad139
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid
ffdcd3a6-55b9-40d1-bcd2-af9c22599b97
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=b98a8c1c-6ed0-413f-8e45-3259281ad139
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
token
token.rubiconproject.com/ Frame E12B 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=17d98039614b7262&gdpr=0
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/ Frame E12B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
95 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
sync
pool.grid-data.bidswitch.net/ Frame E12B 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.130.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-130-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
getuid
sync.smartadserver.com/ Frame E12B
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D43b8a9cb-0ddd-46fe-a762-32351bdc2022
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D43b8a9cb-0ddd-46fe-a762-32351bdc2022&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D43b8a9cb-0ddd-46fe-a762-32351bdc2022&cklb=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D43b8a9cb-0ddd-46fe-a762-32351bdc2022&cklb=1
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ca.png
s.cpx.to/ Frame E12B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
  • https://s.cpx.to/ca.png?dsp=dbm&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/ Frame E12B
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D43b8a9cb-0ddd-46fe-a762-32351bdc2022
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
Date
Wed, 10 Mar 2021 23:16:53 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
an_fire
s.cpx.to/ Frame E12B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D43b8a9cb-0ddd-46fe-a762-32351bdc2022
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.183:80
AN-X-Request-Uuid
971474e3-936c-4993-a8cf-fa29422ec54f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=43b8a9cb-0ddd-46fe-a762-32351bdc2022
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
token
token.rubiconproject.com/ Frame E8AF 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=17d98039614b7262&gdpr=0
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/ Frame E8AF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
95 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
sync
pool.grid-data.bidswitch.net/ Frame E8AF 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.130.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-130-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
an_fire
s.cpx.to/ Frame E8AF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.81:80
AN-X-Request-Uuid
0943a458-316e-4565-b3e6-895bcb4168a7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/ Frame E8AF
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
Date
Wed, 10 Mar 2021 23:16:53 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ca.png
s.cpx.to/ Frame E8AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
  • https://s.cpx.to/ca.png?dsp=dbm&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame E8AF
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7&cklb=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:54 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D5a1ccee7-0ca7-45f6-bbad-28025e1ca1a7&cklb=1
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
token
token.rubiconproject.com/ Frame FDF6 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=34010&puid=17d98039614b7262&gdpr=0
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=12565106-853d-45e0-a3e1-3c14ee960593
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/ Frame FDF6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
95 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&dsp=TTD
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
179
sync
pool.grid-data.bidswitch.net/ Frame FDF6 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12761&ref=&hn_ver=11&fid=12565106-853d-45e0-a3e1-3c14ee960593
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.130.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-130-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
getuid
sync.smartadserver.com/ Frame FDF6
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D12565106-853d-45e0-a3e1-3c14ee960593
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D12565106-853d-45e0-a3e1-3c14ee960593&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D12565106-853d-45e0-a3e1-3c14ee960593&cklb=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:54 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D12565106-853d-45e0-a3e1-3c14ee960593&cklb=1
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
s.cpx.to/ Frame FDF6
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D12565106-853d-45e0-a3e1-3c14ee960593
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=12565106-853d-45e0-a3e1-3c14ee960593
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=12565106-853d-45e0-a3e1-3c14ee960593
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&fid=12565106-853d-45e0-a3e1-3c14ee960593
Date
Wed, 10 Mar 2021 23:16:54 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
an_fire
s.cpx.to/ Frame FDF6
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26hn_ver%3D11%26fid%3D12565106-853d-45e0-a3e1-3c14ee960593
  • https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=12565106-853d-45e0-a3e1-3c14ee960593
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=12565106-853d-45e0-a3e1-3c14ee960593
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 10 Mar 2021 23:16:54 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:54 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.238:80
AN-X-Request-Uuid
54b2280a-969d-4e45-928e-1e8b00636b3f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=1086387011141840971&pid=12761&ref=&hn_ver=11&fid=12565106-853d-45e0-a3e1-3c14ee960593
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca.png
s.cpx.to/ Frame FDF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=12565106-853d-45e0-a3e1-3c14ee960593
  • https://s.cpx.to/ca.png?dsp=dbm&fid=12565106-853d-45e0-a3e1-3c14ee960593&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=12565106-853d-45e0-a3e1-3c14ee960593&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.130.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-130-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=12565106-853d-45e0-a3e1-3c14ee960593&google_gid=CAESEG96AXntsS8wPsw5Y_3-C7c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1ACC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/34a43f74/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:16:53 GMT
notifyme.php
adtrack.adleadevent.com/ Frame 7BA8 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.121.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-121-94.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
notifyme.php
adtrack.adleadevent.com/ Frame EC81 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.121.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-121-94.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 66DE 		21 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
416ad5ca4d012266fa88ed4a3941d48cb2638e931a9634b4de9434abf2e7572e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame B027
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1615418213221460096578
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.botasot.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Mar 2021 23:16:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Wed, 10 Mar 2021 23:16:53 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/ Frame DFB7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid&tc=1
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid&tc=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
e8c863e4-d2b0-4e30-af5c-1976801ce652
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040e16aededaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e0e60000edafbc377000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid&tc=1
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT, Wed, 10 Mar 2021 23:16:54 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/ Frame DFB7
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
43 B
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
61c8216a-1395-4be5-989f-b0be5fa31bfa
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040ebaa45edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e7450000edaf95194000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
date
Wed, 10 Mar 2021 23:16:56 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
google
cm.mgid.com/ Frame DFB7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDJhUWN6VHJqVGdm&muidn=l2aQczTrjTgf
  • https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dc3b23edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006dda40000edafb0afa000000001

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ad.360yield.com/ul_cb/ Frame DFB7
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l2aQczTrjTgf
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l2aQczTrjTgf
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=a8254cc1-d604-4469-84d9-5428611b55b6
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=a8254cc1-d604-4469-84d9-5428611b55b6
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=a8254cc1-d604-4469-84d9-5428611b55b6
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.249.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Mar 2021 23:16:55 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=a8254cc1-d604-4469-84d9-5428611b55b6
date
Wed, 10 Mar 2021 23:16:55 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
cm.lentainform.com/setmuidn/ Frame DFB7 		0
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l2aQczTrjTgf
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62e040ea6a120883-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e682000008832d8b8000000001
m
cm.mgid.com/ Frame DFB7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
fcff636c-a3b4-42ad-8043-8e7e94833a49
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dc3b22edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006dda30000edaf08b0a000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/ Frame DFB7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7063067012202087846&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:55 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
7096d4b2-4d57-4bfc-8d8a-fdf7b5406bc2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040e508abedaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e3220000edafa630a000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 10 Mar 2021 23:16:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.idealmedia.io/setmuidn/ Frame DFB7 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l2aQczTrjTgf
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62e040eb1db5ee48-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
08c006e6f30000ee48232bc000000001
generate_204
www.youtube.com/ Frame 1ACC 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?xBi91Q
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame C449 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:16:53 GMT
generate_204
www.youtube.com/ Frame C449 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?HIl7eA
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1E92 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:16:53 GMT
notifyme.php
adtrack.adleadevent.com/ Frame 827E 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.121.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-121-94.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
notifyme.php
adtrack.adleadevent.com/ Frame E12B 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.121.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-121-94.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
notifyme.php
adtrack.adleadevent.com/ Frame 632A 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.121.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-121-94.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
generate_204
www.youtube.com/ Frame 1E92 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?txLgKQ
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 7CAD 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:16:53 GMT
generate_204
www.youtube.com/ Frame 7CAD 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?Zmsf9g
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:53 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:55 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
416986d0-b2c6-4186-8193-2ca7f5b66aee
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040e3aeceedaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e2480000edafbc38d000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT, Wed, 10 Mar 2021 23:16:54 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
8ad903df-9710-41fa-aba2-eb186fe4f21f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040ebaa49edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e7460000edaff7bdc000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
date
Wed, 10 Mar 2021 23:16:56 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
Bidswitch
s.seedtag.com/cs/cookiesync/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l2aQczTrjTgf
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=a8254cc1-d604-4469-84d9-5428611b55b6
0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=a8254cc1-d604-4469-84d9-5428611b55b6
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.106.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:55 GMT
via
1.1 google
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
clear
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=a8254cc1-d604-4469-84d9-5428611b55b6
date
Wed, 10 Mar 2021 23:16:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.lentainform.com/setmuidn/ 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l2aQczTrjTgf
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1615418213262226018185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62e040ea6a140883-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e6820000088316a44000000001
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDJhUWN6VHJqVGdm&muidn=l2aQczTrjTgf
  • https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
0
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dcaba8edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006ddec0000edafaa2f9000000001

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
43 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
fd1a6271-8119-44bd-985e-dafbaa9c19ef
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dcaba7edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006ddea0000edafb0afe000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=fd5aea07-d874-4b6f-9c9a-8b21ffaebcc5&ssp=mgid&user_group=1
  • https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
43 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:55 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
d811257c-3437-49f7-8b13-f572ff2db566
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040e57954edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e36e0000edaff5b9f000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 10 Mar 2021 23:16:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.idealmedia.io/setmuidn/ 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l2aQczTrjTgf
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1615418213262226018185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62e040eb1dbfee48-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
08c006e6f40000ee4819b77000000001
usync.html
eus.rubiconproject.com/ Frame 00E1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1615418213262226018185
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.botasot.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Mar 2021 23:16:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Wed, 10 Mar 2021 23:16:53 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
notifyme.php
adtrack.adleadevent.com/ Frame E8AF 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.121.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-121-94.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
notifyme.php
adtrack.adleadevent.com/ Frame FDF6 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.121.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-121-94.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Mar 2021 23:16:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
tracking
ghb.adtelligent.com/adunit/ Frame 8E1D 		43 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?pubbid=0.08&event=11&full_page_url=https%3A%2F%2Fwww.botasot.info&adid=3B6AB6F5B8D89378&vpbv=1.0&client_id=303941&site_id=7156&lifecycle_tte=597
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:53 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
j.html
p.oftads360.com/prebidmg/118696/ Frame 7B3B 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 8E1D 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f3ccaf6c4c4022b9fbe938e7253da465dddfd661e6aa77bb8a6513502d712643
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:53 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid
05c19e60-ed82-49d9-8fed-b2adf0f032b7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 8E1D 		0
0
hb
ice.360yield.com/ Frame 8E1D 		0
0
auction
rtb.adxpremium.services/openrtb2/ Frame 8E1D 		303 B
952 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
924bd01a910a12b6c3734bd21a50257ac44d3770fd8e04a3086f5125d5350529

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:16:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006de0c00006467d0a8a000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fUagYBNrvKP%2BFN2HfnlwH87NC0sLjOmd1WpXTbnYGsGrt9VsweaUsRLyAqTmEXN7IqibBbCPHgWqRyoUeDyJPh4vG8tiDFFSEiiOfPcxUKbp4hXQ6mN5bZ5j3w6Elij1RLjBhA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dcd9356467-FRA
expires
0
arj
adtelligent-d.openx.net/w/1.0/ Frame 8E1D 		0
0
/
ghb1.adtelligent.com/auction/ Frame 8E1D 		859 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/auction/?domain=https%3A%2F%2Fwww.botasot.info&tmax=1940&vpbv=1.0&session_id=3B6AB6F5B8D89378&callbackId=2516392254a89cd&ad_type=display&sizes=300x250&aid=574304
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
218f936f72f3ff310570bcbb1f7af84ba63d591da7a675f1a36cf481210d94bf

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:53 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.botasot.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
533
google
cm.mgid.com/ Frame 211F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDJhUWN6VHJqVGdm&muidn=l2aQczTrjTgf
  • https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dd6c80edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006de640000edaf08b15000000001

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 4A1F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1615418213282190754115
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.botasot.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Mar 2021 23:16:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Wed, 10 Mar 2021 23:16:53 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
v1
match.sharethrough.com/sync/ Frame 211F
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l2aQczTrjTgf
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a8254cc1-d604-4469-84d9-5428611b55b6&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
68 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a8254cc1-d604-4469-84d9-5428611b55b6&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.174.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:55 GMT
content-length
68
content-type
image/png

Redirect headers

location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=a8254cc1-d604-4469-84d9-5428611b55b6&seat_user_id=&seat_key= &gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
date
Wed, 10 Mar 2021 23:16:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
m
cm.mgid.com/ Frame 211F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
6de0ee02-a349-4f89-872f-4016e5d3c654
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040dd6c7eedaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006de600000edafc1bbb000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1&ttl=1618010213
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/ Frame 211F
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
db1d1c0e-8ced-4803-8e97-30a50cecdbd8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040ebaa4dedaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e7470000edafb0b86000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
date
Wed, 10 Mar 2021 23:16:56 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
m
cm.mgid.com/ Frame 211F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=3VoFHT4e12yOxqXnbObSWc00&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
43 B
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:55 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
c8655fb1-486a-4240-b3b1-c619f6a52f27
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040e72c50edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e47a0000edaf9488f000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 10 Mar 2021 23:16:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
m
cm.mgid.com/ Frame 211F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:55 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
10cd623e-d2c8-4910-a6d6-aafd2b3f7ebb
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040e4a833edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e2ed0000edafdc03d000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:55 GMT, Wed, 10 Mar 2021 23:16:55 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
cm.lentainform.com/setmuidn/ Frame 211F 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l2aQczTrjTgf
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1615418213282190754115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62e040eadac60883-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e6c90000088342032000000001
/
cm.idealmedia.io/setmuidn/ Frame 211F 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l2aQczTrjTgf
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1615418213282190754115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62e040eb1dbcee48-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
08c006e6f40000ee487b009000000001
setuid
mp.4dex.io/ Frame C6F8
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l2aQczTrjTgf
  • https://mp.4dex.io/setuid?bidder=bidswitch&uid=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mp.4dex.io/setuid?bidder=bidswitch&uid=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.247.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:57 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
expires
0

Redirect headers

location
//mp.4dex.io/setuid?bidder=bidswitch&uid=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 10 Mar 2021 23:16:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.lentainform.com/setmuidn/ Frame C6F8 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l2aQczTrjTgf
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1615418213308704180999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62e040eadac80883-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e6c9000008832a18d000000001
google
cm.mgid.com/ Frame C6F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDJhUWN6VHJqVGdm&muidn=l2aQczTrjTgf
  • https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040ddcd0bedaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006de9f0000edaff9832000000001

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l2aQczTrjTgf&google_ula={guid},5&google_gid=CAESEK-JrDOvyJcw01zXtuYSYNQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame C6F8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=a8254cc1-d604-4469-84d9-5428611b55b6
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=a8254cc1-d604-4469-84d9-5428611b55b6
  • https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
43 B
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
a4daf00a-4bdc-46d6-adc0-867bfef23290
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040ed8c91edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e87a0000edaff7bea000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=a8254cc1-d604-4469-84d9-5428611b55b6&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 10 Mar 2021 23:16:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.idealmedia.io/setmuidn/ Frame C6F8 		0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l2aQczTrjTgf
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1615418213308704180999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62e040eb1db9ee48-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
08c006e6f40000ee48483cb000000001
usync.html
eus.rubiconproject.com/ Frame DD0B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1615418213308704180999
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.botasot.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Mar 2021 23:16:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Wed, 10 Mar 2021 23:16:54 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/ Frame C6F8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
43 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
cb9c418c-e734-4815-871b-5e65767a1a05
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040eb2999edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e6f90000edaff7024000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=HX6BeclPQi8q13cflLL1&pi=mgid
pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT, Wed, 10 Mar 2021 23:16:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/ Frame C6F8
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
43 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
09d763ad-2a1f-429b-8e04-7d7c510a6ed6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040ebfab3edaf-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e77e0000edafea821000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
date
Wed, 10 Mar 2021 23:16:56 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame B027 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20028
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Thu, 11 Mar 2021 04:50:42 GMT
usync.js
eus.rubiconproject.com/ Frame 00E1 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20028
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Thu, 11 Mar 2021 04:50:42 GMT
usync.js
eus.rubiconproject.com/ Frame DD0B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20028
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Thu, 11 Mar 2021 04:50:42 GMT
usync.js
eus.rubiconproject.com/ Frame 4A1F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20028
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Thu, 11 Mar 2021 04:50:42 GMT
khaos.jpg
token.rubiconproject.com/ Frame 00E1 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame B027 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame DD0B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 4A1F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
multitracking
ghb.adtelligent.com/adunit/ Frame 8E1D 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:54 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
hbimp
ghb.adtelligent.com/adunit/ Frame 8E1D 		0
207 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/hbimp
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:55 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
grumi.js
rumcdn.geoedge.be/0114343c-636b-4878-a7f6-78c6f5d10797/ Frame 9B73 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/0114343c-636b-4878-a7f6-78c6f5d10797/grumi.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E805 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-187.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.botasot.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=1086387011141840971; icu=ChgI4axaEAoYASABKAEw5aalggY4AUABSAEQ5aalggYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 10 Mar 2022 23:16:56 GMT
Date
Wed, 10 Mar 2021 23:16:56 GMT
Connection
keep-alive
load-cookie.html
user-sync.adxpremium.services/ Frame A9DE 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876

Request headers

:method
GET
:authority
user-sync.adxpremium.services
:scheme
https
:path
/load-cookie.html?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

date
Wed, 10 Mar 2021 23:16:55 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d9694b9b86ae18761d4924b5c8283692e1615418215; expires=Fri, 09-Apr-21 23:16:55 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax
cache-control
no-cache, no-store, must-revalidate
expires
0
last-modified
Fri, 26 Feb 2021 09:17:16 GMT
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
08c006e5de00006467e3091000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dB06mhyZV1AVAq7EUxlcL9Gx9u21lnII%2FMGj8AYQg6rhnjaZgJ9tYFv8BdAIjwWQrFyZIl%2FQQu2NIgCbWpInt8VmF4bqJ6VBPtnKtGF36L8aT8vkEfiaG0Z2QLImkfTMgpoDi4Zb8to9LA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
62e040e96a4f6467-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cookie_sync
user-sync.adxpremium.services/ Frame A9DE 		2 KB
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/cookie_sync
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d

Request headers

Referer
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Mar 2021 23:16:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c006e5fe00006467eaa1f000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YR1ZTl%2B%2B%2BE7ZlGUWgq%2Fu65QDOOcQyqVaS9vmRj3nhn4NxvDkoPsfOSfg8g0eSW1HLDaXvMtidxVBMx1bwHUjZsaPFXsKwdhZmom47p9AuXr9xSOCKRQo%2BJdclqII3HJBK1qDgz4HsJVN%2BA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://user-sync.adxpremium.services
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
62e040e99a556467-FRA
expires
0
sync.html
s.adtelligent.com/ Frame 48FE 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=601760
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5160::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
5b5539135143814703c866c2b8561b50641478c3996afafed0de64dc13eb67ff

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=1ef38235b7694f7a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Server
VertaMedia 1.0
Date
Wed, 10 Mar 2021 23:16:55 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
743
Access-Control-Allow-Origin
https://user-sync.adxpremium.services
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.adtelligent.com/ Frame 48FE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1086387011141840971
86 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1086387011141840971
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:56 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid
c65d3c1d-5ac9-4de1-897e-72428bb18f1d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1086387011141840971
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 48FE
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=d6bbc147-f2f9-4898-b9c6-74fc9641636c
86 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=d6bbc147-f2f9-4898-b9c6-74fc9641636c
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=d6bbc147-f2f9-4898-b9c6-74fc9641636c
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
dss2gsgggmssvdcvdvm3cgj8rf6ib5ap
setuid
rtb.adxpremium.services/ Frame 48FE
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=1ef38235b7694f7a
0
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=1ef38235b7694f7a
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jQVRZ4phwI6UE4a132sP%2Bo%2FR0%2BtD%2FxhFZ4Syitnuq4NS2vwrVQb3z7tIWhOEqmTUWb6MdizVgcQTG%2Bpj%2BwhPoybwQBFvbCYSxK56gusZ%2B7jY31QK772y7moLZ1ZLOLBuqbdveQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040ed5ab06467-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
08c006e85500006467ce03b000000001
expires
0

Redirect headers

Location
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=1ef38235b7694f7a
Date
Wed, 10 Mar 2021 23:16:55 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
/
ads59.adtelligent.com/display/ Frame 9B73 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/display/?adid=3B6AB6F5B8D8A266&aid=574304&cb=455916648
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
07a0aa40c94afcdf079407c1384aa45d6229314afe11149306492ee90ea36b95

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:56 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.botasot.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
7467
sync.js
ads59.adtelligent.com/ Frame 9B73 		873 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/sync.js?aid=574304
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B6AB6F5B8D8A266&aid=574304&cb=455916648
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
10bb9f6536e7477fcb05163e3a6b032a668d45e54f8cd8a7f5023015a7852124

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:56 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.botasot.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
432
/
dsp3.adtelligent.com/banner/ Frame A193 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp3.adtelligent.com/banner/?adid=036AB1C911EC587F.L5339S0C6267
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5101::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
6b1e8b385e8757bee84070d43450b3bf322ec3235cc6c0825af6c72d906b6e62

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:55 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.botasot.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=7200
Content-Length
1312
e
ads59.adtelligent.com/t/ Frame 9B73 		43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads59.adtelligent.com/t/e?adid=3B6AB6F5B8D8A266&aid=574304&cmpId=502776&code=50
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:56 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
campaign
ads59.adtelligent.com/tracking/ Frame 9B73 		43 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2001&adid=3B6AB6F5B8D8A266&cmpId=502776&aid=574304&i_top_domain=https%3A%2F%2Fwww.botasot.info&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B6AB6F5B8D8A266&aid=574304&cb=455916648
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:56 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
campaign
ads59.adtelligent.com/tracking/ Frame 9B73 		43 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=0&adid=3B6AB6F5B8D8A266&cmpId=502776&aid=574304&i_top_domain=https%3A%2F%2Fwww.botasot.info&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B6AB6F5B8D8A266&aid=574304&cb=455916648
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:56 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
impression
ads59.adtelligent.com/tracking/ Frame 9B73 		43 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=true&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=502776&nestedLevel=0&adid=3B6AB6F5B8D8A266&aid=574304&i_top_domain=https%3A%2F%2Fwww.botasot.info
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B6AB6F5B8D8A266&aid=574304&cb=455916648
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:56 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
campaign
ads59.adtelligent.com/tracking/ Frame 9B73 		43 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2003&nested=0&adid=3B6AB6F5B8D8A266&cmpId=502776&aid=574304&i_top_domain=https%3A%2F%2Fwww.botasot.info&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B6AB6F5B8D8A266&aid=574304&cb=455916648
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:56 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
/
dsp3.adtelligent.com/tracking/impression/ Frame 384A 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp3.adtelligent.com/tracking/impression/?adid=036AB1C911EC587F.L5339S0C6267
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5101::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:55 GMT
Server
VertaMedia 1.0
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.botasot.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=7200
Content-Length
43
b54da380b306da0723b589684d2df04a.png
cdn.admitad-connect.com/public/bs/2020/06/16/ Frame 384A
Redirect Chain
  • https://ad.admitad.com/b/zfd4poaerd36479d277116525dc3e8/
  • https://cdn.admitad-connect.com/public/bs/2020/06/16/b54da380b306da0723b589684d2df04a.png
20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.admitad-connect.com/public/bs/2020/06/16/b54da380b306da0723b589684d2df04a.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::ac43:462b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4e74b1199790b898884005269b32d21ab896528c4f47305e13698ace105ffe

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
29105
content-length
20488
cf-request-id
08c006e8d90000d72539bab000000001
last-modified
Tue, 16 Jun 2020 14:01:22 GMT
server
cloudflare
etag
"9f7e133f2e60da802ac5c897327556dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PTo9voHn5fikFh2P7f7ytVka5gWPuWsRtSwJmkJbnm0OBegGm1ejWhH62FhTCrVI4yV2xzimTKSzonxj3LuGl5Cz67RhlmKUSusFchrZSO7oelQMGVZ6YHZU3oTnyvX6Zv3vdA%3D%3D"}]}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
62e040ee2d43d725-FRA
expires
Thu, 11 Mar 2021 15:11:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:56 GMT
server
nginx
p3p
CP="NON DSP COR CURa TIA"
location
https://cdn.admitad-connect.com/public/bs/2020/06/16/b54da380b306da0723b589684d2df04a.png
cache-control
private, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
content-length
0
expires
Tue, 01 Jan 1980 1:00:00 GMT
campaign
ads59.adtelligent.com/tracking/ Frame 9B73 		43 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2003&nested=1&adid=3B6AB6F5B8D8A266&cmpId=502776&aid=574304&i_top_domain=https%3A%2F%2Fwww.botasot.info&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B6AB6F5B8D8A266&aid=574304&cb=455916648
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:56 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
multitracking
ghb.adtelligent.com/adunit/ Frame 8E1D 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:16:56 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
async_usersync
secure.adnxs.com/ Frame E805 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:57 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.177:80
AN-X-Request-Uuid
eaeeff37-d9b1-4588-a541-43b268cc57a0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
connectmyusers.php
cdn.connectad.io/ Frame AD4B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8143d2ce4883c14ad30cc19e04d311470c3d54b5ba49ddfba2e337947888efb

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

date
Wed, 10 Mar 2021 23:16:57 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc2bc902958dc6f93731e0463fbdfdc351615418217; expires=Fri, 09-Apr-21 23:16:57 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
cf-request-id
08c006eaba00002c0d5d82a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040f12e682c0d-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
1
sync-eu.connectad.io/syncer/ Frame D64B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
sync-eu.connectad.io
:scheme
https
:path
/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.connectad.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cadsync
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.connectad.io/

Response headers

date
Wed, 10 Mar 2021 23:16:57 GMT
set-cookie
__cfduid=ddb5f830ae6789e27bc26043b783d81391615418217; expires=Fri, 09-Apr-21 23:16:57 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control
no-cache, private
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
08c006eadf00002c0d408a9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e040f16ec02c0d-FRA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 028C 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=true; KADUSERCOOKIE=82111B88-F146-4E86-ABC8-ADC1A441E433
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=37253
Expires
Thu, 11 Mar 2021 09:37:50 GMT
Date
Wed, 10 Mar 2021 23:16:57 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 510A 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=true; KADUSERCOOKIE=82111B88-F146-4E86-ABC8-ADC1A441E433
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=32276
Expires
Thu, 11 Mar 2021 08:14:53 GMT
Date
Wed, 10 Mar 2021 23:16:57 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 510A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=2673484&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
695dbeaa3a6fd6c7fdefcf9ce57960a11940640a621ed82e23e559ee0057903e

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:57 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
usersync.aspx
dis.criteo.com/dis/ Frame 8B4D 		43 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=2673484&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 10 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
982
x-powered-by
ASP.NET
date
Wed, 10 Mar 2021 23:16:57 GMT
content-length
43
pubmatic
d5p.de17a.com/getuid/ Frame 2851 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=2673484&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.180 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
setuid
rtb.adxpremium.services/ Frame 9EE0 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=82111B88-F146-4E86-ABC8-ADC1A441E433
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=82111B88-F146-4E86-ABC8-ADC1A441E433
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiIxZWYzODIzNWI3Njk0ZjdhIiwiZXhwaXJlcyI6IjIwMjEtMDMtMjVUMDA6MTY6NTYuNTU3MDU2MzA4KzAxOjAwIn19LCJiZGF5IjoiMjAyMS0wMy0xMVQwMDoxNjo1Ni41NTcwNTM1MzMrMDE6MDAifQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 10 Mar 2021 23:16:57 GMT
content-length
0
set-cookie
__cfduid=d004e23b38ad06d28ba56970f746423071615418217; expires=Fri, 09-Apr-21 23:16:57 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax SSCookie=1; Path=/; Expires=Tue, 08 Jun 2021 23:16:57 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiIxZWYzODIzNWI3Njk0ZjdhIiwiZXhwaXJlcyI6IjIwMjEtMDMtMjVUMDA6MTY6NTYuNTU3MDU2MzA4KzAxOjAwIn0sInB1Ym1hdGljIjp7InVpZCI6IjgyMTExQjg4LUYxNDYtNEU4Ni1BQkM4LUFEQzFBNDQxRTQzMyIsImV4cGlyZXMiOiIyMDIxLTAzLTI1VDAwOjE2OjU3Ljc2MTQ2MjgzKzAxOjAwIn19LCJiZGF5IjoiMjAyMS0wMy0xMVQwMDoxNjo1Ni41NTcwNTM1MzMrMDE6MDAifQ==; Path=/; Domain=adxpremium.services; Expires=Tue, 08 Jun 2021 23:16:57 GMT; Secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
08c006ed0300006467d0abf000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=npnP5fjFSTWauW15vgy2jyRWkL6f2baAsz5E7cUBeVRSrUbY1mIxuhES1QUkV6xfjV6nI3Ddoc5VRUpzwGDkwF1RmR6bqEF94UW6jGJGplsBOOjYM3VWQOynOZRHrM5QToasgw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
62e040f4db986467-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 510A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ghEbiPFGToaryK3BpEHkMw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=37253
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Thu, 11 Mar 2021 09:37:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 510A 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=82111B88-F146-4E86-ABC8-ADC1A441E433
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62e040f4cc814a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006ed0100004a7a303e7000000001
info
uipglob.semasio.net/pubmatic/1/ Frame 510A 		42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=82111B88-F146-4E86-ABC8-ADC1A441E433&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:57 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 510A
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=82111B88-F146-4E86-ABC8-ADC1A441E433&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=82111B88-F146-4E86-ABC8-ADC1A441E433&addseg=12,35,41
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=82111B88-F146-4E86-ABC8-ADC1A441E433&addseg=12,35,41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:58 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 10 Mar 2021 23:16:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=82111B88-F146-4E86-ABC8-ADC1A441E433&addseg=12,35,41
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 510A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODIxMTFCODgtRjE0Ni00RTg2LUFCQzgtQURDMUE0NDFFNDMz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:55 GMT
X-lat
amspug003:0:337
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 510A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAGgox8uHtXPREusFmyq-_o&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAGgox8uHtXPREusFmyq-_o&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:55 GMT
X-lat
amspug009:0:421
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAGgox8uHtXPREusFmyq-_o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 510A 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 09 Mar 2021 23:16:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 510A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:85656049-5363-4200-9abb-87f586014265&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:85656049-5363-4200-9abb-87f586014265&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:58 GMT
X-lat
lhrpug012:0:546
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 10 Mar 2021 23:17:53 GMT
Server
MT3 3611 f10363c master cdg-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:85656049-5363-4200-9abb-87f586014265&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Mar 2021 23:17:52 GMT
setuid
rtb.adxpremium.services/ Frame A9DE
Redirect Chain
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=PHt9jAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RX...
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=1086387011141840971&mpk=PHt9jAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV...
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=1086387011141840971
0
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=1086387011141840971
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://user-sync.adxpremium.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:59 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kRLR4MdwhH0xE9m4wRePd38gSBYPruhxqdLkgIWKXe9rjdu7kFZJToLrOH0hzti9c0%2BxlfGNfCMM5%2BlEj2b%2Bd8omFxL8V4urMs3SyzeMx%2BPE9QFsfWYY3U0doyjIwyOPolwLxw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cache-control
no-cache, no-store, must-revalidate
cf-ray
62e040fe1c596467-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
08c006f2d100006467cd0f7000000001
expires
0

Redirect headers

date
Wed, 10 Mar 2021 23:16:59 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K6zV3tyS8cnVdPgsRtoqKaUzC8vH0c1b466f44dui9PUkClqRmY7cnYGMfHHFXOq5ypN9rXr3M4pw7WJFXvmw9A4uXwxjEj9svNQv6q6XUk%2Faj%2B0iUvq%2F0KrqQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
location
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=1086387011141840971
cf-ray
62e040fd7f514e9d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
08c006f26600004e9dbcb0c000000001
loader.js
cdn.taboola.com/libtrc/botasot970x250gr-r17261818/ Frame 2296 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef56ce02a8b74885fb23125c02e3a5cce50efd028fdcfdcb6e208f4c0fdfa201

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
THCo_9xzFhR5VtmgO.IWGjvNrJ_FymDx
content-encoding
gzip
etag
"503df050a1339cb63f834cb5ab3a86de"
age
34
x-cache
HIT
content-length
19068
x-amz-id-2
TzvtwAkZEGkPHVdQ2sGqgI6eEPDdFpAUCeR5dcLzcOUSjXU9vsGL0TiWvXKnh1bQCjnmg78iaJw=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:21:51 GMT
server
AmazonS3
x-timer
S1615418219.301017,VS0,VE1
date
Wed, 10 Mar 2021 23:16:59 GMT
vary
Accept-Encoding
x-amz-request-id
TAG33RE211PTJXDQ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
1
/
ads.us.e-planning.net/uspd/1/ Frame B37F
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_...
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
325975aeda706a7bed4e52f7b520aa827bb0336a3289fb627a624e22a68c3cc3

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

server
openresty
date
Wed, 10 Mar 2021 23:16:59 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AHXjAUjnn16YRurF; path=/; domain=e-planning.net; expires=Wed, 08-Mar-2028 23:16:59 GMT; SameSite=None; Secure
expires
Wed, 10 Mar 2021 23:16:59 GMT
x-sid
AMS-739
content-encoding
gzip

Redirect headers

server
openresty
date
Wed, 10 Mar 2021 23:16:59 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
x-sid
AMS-739
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame 2296 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3143
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418219.353494,VS0,VE0
date
Wed, 10 Mar 2021 23:16:59 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7108
um
u-ams02.e-planning.net/ Frame B37F
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D6ae8b76685acde3e
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=6ae8b76685acde3e
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=6ae8b76685acde3e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:59 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:58 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=6ae8b76685acde3e
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame B37F
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3629875732
  • https://sync.1rx.io/usersync/tradedesk/67b1b6df-019c-49a0-bc4c-1ddc783a2eb1
  • https://sync.targeting.unrulymedia.com/csync/RX-87c9b7e2-425a-479e-8b90-bcc6aa728120-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-87c9b7e2-425a-479e-8b90-bcc6aa728120-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-87c9b7e2-425a-479e-8b90-bcc6aa728120-003&dc=1079cc634ca638f8&iss=1
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-87c9b7e2-425a-479e-8b90-bcc6aa728120-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:01 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Wed, 10 Mar 2021 23:16:59 GMT
Server
Tengine
ETag
RX87c9b7e2425a479e8b90bcc6aa728120003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.e-planning.net/um?uid=RX-87c9b7e2-425a-479e-8b90-bcc6aa728120-003&dc=1079cc634ca638f8&iss=1
Connection
keep-alive
Content-Type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame B37F 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:58 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 09 Mar 2026 23:16:58 GMT
tm60118.js
tag.navdmp.com/ Frame B37F 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:59 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3079
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
08c006f3c8000005bf69076000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
62e040ffaff805bf-FRA
expires
Wed, 10 Mar 2021 23:25:40 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame B37F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:58 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 09 Mar 2026 23:16:58 GMT
um
u-ams02.e-planning.net/ Frame B37F
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1556&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D4238ca06ef07aea3%26fi%3D6ae8b76685acde3e%26uid%3D%7BPUB_USER_ID%7D
  • https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=6ae8b76685acde3e&uid=598a6a51-0f8a-4fb0-b42f-7f00ce996f1d
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=6ae8b76685acde3e&uid=598a6a51-0f8a-4fb0-b42f-7f00ce996f1d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:59 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=4238ca06ef07aea3&fi=6ae8b76685acde3e&uid=598a6a51-0f8a-4fb0-b42f-7f00ce996f1d
date
Wed, 10 Mar 2021 23:16:59 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
um
u-ams02.e-planning.net/ Frame B37F
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D6ae8b76685acde3e%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=6ae8b76685acde3e&uid=d6bbc147-f2f9-4898-b9c6-74fc9641636c
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=6ae8b76685acde3e&uid=d6bbc147-f2f9-4898-b9c6-74fc9641636c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:59 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:59 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=6ae8b76685acde3e&uid=d6bbc147-f2f9-4898-b9c6-74fc9641636c
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
jqcedt1arlurtse5gjckukdeqda1kl5n
ptag
a.audrte.com/ Frame B37F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4f600b1db2ac23f7973100fae454508086ff2db74558b89428d64639c2b38e79

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:00 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1663
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame B37F 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:58 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 09 Mar 2026 23:16:58 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame B37F 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D6ae8b76685acde3e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame B37F
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D6ae8b76685acde3e
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.64.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:00 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Type
image/png
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Date
Wed, 10 Mar 2021 23:17:00 GMT
Server
nginx/1.14.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame B37F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D6ae8b76685acde3e%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=6ae8b76685acde3e&uid=1086387011141840971
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=6ae8b76685acde3e&uid=1086387011141840971
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:59 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:59 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.136:80
AN-X-Request-Uuid
70f38ded-0b69-4f7b-bf0a-42bec860dbd0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=6ae8b76685acde3e&uid=1086387011141840971
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame B37F 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D6ae8b76685acde3e%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame B37F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-j998NX1E2uHUd9M6PLXvX07gnsd3DGz.Ud.7qOE-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-j998NX1E2uHUd9M6PLXvX07gnsd3DGz.Ud.7qOE-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:01 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Wed, 10 Mar 2021 23:17:00 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-j998NX1E2uHUd9M6PLXvX07gnsd3DGz.Ud.7qOE-~A
Connection
keep-alive
Content-Length
0
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame B37F 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame 7F2C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Mar 2021 23:16:59 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Wed, 10 Mar 2021 23:16:59 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C710 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6ae8b76685acde3e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=82111B88-F146-4E86-ABC8-ADC1A441E433; KTPCACOOKIE=YES; KCCH=YES; pi=159760:3; chkChromeAb67Sec=1; DPSync3=1616544000%3A201_227_226_221; SyncRTB3=1616544000%3A7_220_21_13_161%7C1616630400%3A35; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEAGgox8uHtXPREusFmyq-_o&KRTB&22987-CAESEAGgox8uHtXPREusFmyq-_o&KRTB&23025-CAESEAGgox8uHtXPREusFmyq-_o; KRTBCOOKIE_27=16735-uid:85656049-5363-4200-9abb-87f586014265&KRTB&16736-uid:85656049-5363-4200-9abb-87f586014265&KRTB&23019-uid:85656049-5363-4200-9abb-87f586014265&KRTB&23114-uid:85656049-5363-4200-9abb-87f586014265; PugT=1615418218
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=37251
Expires
Thu, 11 Mar 2021 09:37:50 GMT
Date
Wed, 10 Mar 2021 23:16:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9C22 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6ae8b76685acde3e%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6ae8b76685acde3e%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=82111B88-F146-4E86-ABC8-ADC1A441E433; KTPCACOOKIE=YES; KCCH=YES; pi=159760:3; chkChromeAb67Sec=1; DPSync3=1616544000%3A201_227_226_221; SyncRTB3=1616544000%3A7_220_21_13_161%7C1616630400%3A35; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEAGgox8uHtXPREusFmyq-_o&KRTB&22987-CAESEAGgox8uHtXPREusFmyq-_o&KRTB&23025-CAESEAGgox8uHtXPREusFmyq-_o; KRTBCOOKIE_27=16735-uid:85656049-5363-4200-9abb-87f586014265&KRTB&16736-uid:85656049-5363-4200-9abb-87f586014265&KRTB&23019-uid:85656049-5363-4200-9abb-87f586014265&KRTB&23114-uid:85656049-5363-4200-9abb-87f586014265; PugT=1615418218
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6ae8b76685acde3e%26uid%3D

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=32274
Expires
Thu, 11 Mar 2021 08:14:53 GMT
Date
Wed, 10 Mar 2021 23:16:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 7F2C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20023
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Thu, 11 Mar 2021 04:50:42 GMT
Cookie set usermatch
ssum.casalemedia.com/ Frame 91FB
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fa4ed075e4bed7242c3d856482da48ea6abdbdddedbbef0c13defb8e91835bbb

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YElTbFnmkIijbW0hWGmsVgAA; CMPS=1171
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|241|230|31|64|90|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1770
Expires
Wed, 10 Mar 2021 23:17:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:00 GMT
Connection
keep-alive
Set-Cookie
CMID=YElTbFnmkIijbW0hWGmsVgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 10 Mar 2022 23:17:00 GMT CMPS=1171;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 08 Jun 2021 23:17:00 GMT CMPRO=1167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 08 Jun 2021 23:17:00 GMT CMRUM3=e66049536c27600&2d6049536c05a0&276049536c0b40&5a6049536c05a0&286049536c05a00&406049536c05a0&1f6049536c05a00&f16049536c05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 10 Mar 2022 23:17:00 GMT CMST=YElTbGBJU2wA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 11 Mar 2021 23:17:00 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 10 Mar 2021 23:17:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:00 GMT
Connection
keep-alive
Set-Cookie
CMID=YElTbFnmkIijbW0hWGmsVgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 10 Mar 2022 23:17:00 GMT CMPS=1171;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 08 Jun 2021 23:17:00 GMT
/
spl.zeotap.com/ Frame 5F99 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a854b949c0570691ae8b3e3ed0adc1a0c93d2318f71f7665107daaff53d0e43f

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d52e71b6-7865-4691-51fa-468f255a2381; zsc=j%0E%22e%06%CFB%0E%8FS%3D%970%BCz%DDs%92%10%13p%B7%DF%08p%AA-%94%C8c%C20%A5%00%3E%83Q0%80%F5%26%E6%D4%11%CFw%19%95%01%C9%F39%D7%A0%29Q%AC%A9%AD%5EAm%95%EDP%C7f%3D%E4%EC8%F6%06%07bf%D6%93%93%A7%F8%F3%02%B1%13b%BF%0AT%8A%B2%A0%B9%2F%F2%F6%22%81%C7%BA%A0%7CeV%EB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 10 Mar 2021 23:16:59 GMT
content-type
text/html
set-cookie
__cfduid=d0f67cc843035e7cc19bd53a1fd5bc05c1615418219; expires=Fri, 09-Apr-21 23:16:59 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=d52e71b6-7865-4691-51fa-468f255a2381; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=t%92%D9~%86%96%14%DF%97l%CA%F7Y%96%E7%A2%17%D8%07%9Fh%11%84%BFk%BE%A8%0C%0C%06%C4%D3dd%1C%86%1E%1C%9E%075d5%0E%F7qm%FAV%D4%83%3C%85%F6+_%9F%05%02i%94U%BDr%05%A9%1A%24%87%5B%A9iegOTm%B6%AF%3E%08%ACW%A0%9A%2A8%89%EB1%1D%5B%B7%A1r%A5%94%A9T%87%F8%B4%CF4o%C2L%0E%26%F9%C7%2A%3C%F0%84%22%C2%8Fb%92%EFz%EB%7F2%2A%17_n%3E%06%16%AF%95%84%07%C6R%3DF%ED%1A%DB%AD%83%E9%80%86%E7%DE%D3o%09%3F%8E%C7%21%BC%F2h%DD%07c6%AA%25%DB%F9%F40L%10%F1%01%82%0E; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006f43d00004a7a8331f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e041006f9c4a7a-FRA
content-encoding
br
mw
mwzeom.zeotap.com/ Frame 5F99
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://mwzeom.zeotap.com/mw?cid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec...
95 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e04100b8074a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006f47500004a7a2225d000000001

Redirect headers

date
Wed, 10 Mar 2021 23:16:59 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=b2751e90-81f6-11eb-9b9e-8e9a66cd1a00&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 5F99 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:59 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
cm
trc.taboola.com/sg/zeotap/1/ Frame 5F99 		0
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Wed, 10 Mar 2021 23:16:59 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418220.629291,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19176-FRA
u
dmp.v.fwmrm.net/ad/ Frame 5F99 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.156.250.128 , United Kingdom, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:15 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5F99 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd52e71b6-7865-4691-51fa-468f255a2381%26reqId%3D8ee52a5e-2183-46ec-5c6b-bf1419018230%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:59 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 5F99
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=2e28d22e-5c94-47e5-a420-f27e9958584a&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=2e28d22e-5c94-47e5-a420-f27e9958584a&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e0412dcd494a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c007109800004a7a5f2f3000000001

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:06 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=2e28d22e-5c94-47e5-a420-f27e9958584a&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
/
loadeu.exelator.com/load/ Frame 5F99 		0
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 5F99
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=d52e71b6-7865-4691-51fa-468f255a2381&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021031100-54124-0.481596001615418221-6a8044f226cf6a122f4a1db534acac6d&zdid=533&env=mWeb
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021031100-54124-0.481596001615418221-6a8044f226cf6a122f4a1db534acac6d&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e041102f094a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006fe1500004a7a1bb75000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021031100-54124-0.481596001615418221-6a8044f226cf6a122f4a1db534acac6d&zdid=533&env=mWeb
Date
Wed, 10 Mar 2021 23:17:01 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 5F99
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6938168445747067022&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-...
95 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6938168445747067022&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e041278ea24a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c0070cb300004a7a35112000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6938168445747067022&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Date
Wed, 10 Mar 2021 23:17:05 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 5F99 		95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=d52e71b6-7865-4691-51fa-468f255a2381
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:16:59 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
mw
mwzeom.zeotap.com/ Frame 5F99
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d52e71b6-7865-4691-51fa-468f255a2381&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d52e71b6-7865-4691-51fa-468f255a2381&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=mxlDLVmbj1BqZCGTw8/4Ne&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46...
95 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=mxlDLVmbj1BqZCGTw8/4Ne&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e0412d4cd64a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c007105200004a7a668fe000000001

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:06 GMT
via
1.1 google
last-modified
Wed, 10 Mar 2021 23:17:06 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=mxlDLVmbj1BqZCGTw8/4Ne&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 5F99 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=d52e71b6-7865-4691-51fa-468f255a2381&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.163.159.108 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:08 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
tpid=d52e71b6-7865-4691-51fa-468f255a2381
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 5F99 		49 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=d52e71b6-7865-4691-51fa-468f255a2381?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.253.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:59 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.141
content-type
image/gif
content-length
49
expires
0
mw
mwzeom.zeotap.com/ Frame 5F99
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-QHEudLhE2op25OzSTGYeSoWuYLAy3eiYGg--~A&zpartnerid=570&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-QHEudLhE2op25OzSTGYeSoWuYLAy3eiYGg--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e041145b3a4a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c00700b900004a7a77872000000001

Redirect headers

date
Wed, 10 Mar 2021 23:17:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-QHEudLhE2op25OzSTGYeSoWuYLAy3eiYGg--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
v2
odr.mookie1.com/t/ Frame 5F99 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=d52e71b6-7865-4691-51fa-468f255a2381&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 5F99 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.77.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:00 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1615418220
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 5F99 		95 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=d52e71b6-7865-4691-51fa-468f255a2381&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.64.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:00 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Type
image/png
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 5F99
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YElTbgAAAELJ0zoG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YElTbgAAAELJ0zoG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361&_test=YElTbgAAAELJ0zoG
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e041154c274a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c007014b00004a7a300b9000000001

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615418223.901461,VS0,VE0
x-served-by
cache-hhn4039-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YElTbgAAAELJ0zoG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361&_test=YElTbgAAAELJ0zoG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 5F99
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=N_jScZtN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2abce07d-d503-4e43-790c-56edb1f6d300
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2abce07d-d503-4e43-790c-56edb1f6d300
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.77.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
cache-control
private, no-cache, no-store
x-request-time
D=46 t=1615418222
x-served-by
beacon-n014-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://spl.zeotap.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2abce07d-d503-4e43-790c-56edb1f6d300
access-control-allow-credentials
true
cf-ray
62e041101efe4a7a-FRA
access-control-allow-headers
*
cf-request-id
08c006fe1000004a7a5bbb7000000001
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5F99
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d52e71b6-7865-4691-51fa-468f255a2381&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51f...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d52e71b6-7865-4691-51fa-468f255a2381&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51f...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d52e71b6-7865-4691-51fa-468f255a2381&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:09 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:09 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d52e71b6-7865-4691-51fa-468f255a2381&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5F99
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=d52e71b6-7865-4691-51fa-468f255a2381&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
62e04117dec94a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c00702e400004a7a3282e000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Wed, 10 Mar 2021 23:17:03 GMT
Connection
keep-alive
Content-Length
0
BK-Server
dc09
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cmp.min.js
spl.zeotap.com/ Frame 5F99 		557 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36fda47e40ecea59113a73893bb52e4301a909a78a764a73f0145830d2a6b26

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
62e041009fde4a7a-FRA
date
Wed, 10 Mar 2021 23:16:59 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
08c006f46200004a7a32b92000000001
cmp
spl.zeotap.com/ Frame 5F99 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d52e71b6-7865-4691-51fa-468f255a2381&reqId=8ee52a5e-2183-46ec-5c6b-bf1419018230&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d52e71b6-7865-4691-51fa-468f255a2381; zsc=t%92%D9~%86%96%14%DF%97l%CA%F7Y%96%E7%A2%17%D8%07%9Fh%11%84%BFk%BE%A8%0C%0C%06%C4%D3dd%1C%86%1E%1C%9E%075d5%0E%F7qm%FAV%D4%83%3C%85%F6+_%9F%05%02i%94U%BDr%05%A9%1A%24%87%5B%A9iegOTm%B6%AF%3E%08%ACW%A0%9A%2A8%89%EB1%1D%5B%B7%A1r%A5%94%A9T%87%F8%B4%CF4o%C2L%0E%26%F9%C7%2A%3C%F0%84%22%C2%8Fb%92%EFz%EB%7F2%2A%17_n%3E%06%16%AF%95%84%07%C6R%3DF%ED%1A%DB%AD%83%E9%80%86%E7%DE%D3o%09%3F%8E%C7%21%BC%F2h%DD%07c6%AA%25%DB%F9%F40L%10%F1%01%82%0E
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Wed, 10 Mar 2021 23:16:59 GMT
set-cookie
__cfduid=d21e22fb27ff694c2218741c7592153a21615418219; expires=Fri, 09-Apr-21 23:16:59 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08c006f47f00004a7a29064000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e04100c8284a7a-FRA
SPug
simage4.pubmatic.com/AdServer/ Frame 510A 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159760&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:57 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
json
trc.taboola.com/botasot970x250gr-r17261818/trc/3/ Frame 2296 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot970x250gr-r17261818/trc/3/json?tim=00%3A16%3A59.935&lti=deflated&data=%7B%22id%22%3A100%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306906703%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A970%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A970%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217261818%22%2C%22orig_uip%22%3A%2217261818%22%2C%22cd%22%3A0%2C%22mw%22%3A970%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8e0ab80bf15e76bbd1707664408503fbdc4ccf4a9e974938c799d9e827f3cb51

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
77
date
Wed, 10 Mar 2021 23:17:00 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418220.949549,VS0,VE77
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 2296 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5df44de896d25576e570ac24051479b357cde2e4786c72fb7dad521ad2f531f4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
N1vqc1ua2vRcwDPanmfC_5JX.Is4VuJf
content-encoding
gzip
etag
"a0644a48c475235e8cee44daad7d08f7"
age
6024
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4320
x-amz-id-2
iXkKPOwJ1VPOBTAi25nuYMxJpDlVBj2OLKCGNhrWV+Xl+KQ0HGyr7ATNYRpF3+HKYp8nzgjfiEc=
x-served-by
cache-fra19176-FRA
last-modified
Mon, 01 Mar 2021 13:36:16 GMT
server
AmazonS3
x-timer
S1615418220.071788,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
9F7AAE89FC9AEF49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
80
x-cache-hits
33427
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 2296 		3 KB
1000 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b57eca495e606d6a5b71d039f54b48f95b24ecfab0e885f0834df9647988211f

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wesQ.pLLtqiqMPOAo87CHMJBm6LJzidh
content-encoding
gzip
etag
"a13f67361cd19b638bb3083cf688d732"
age
25934
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
748
x-amz-id-2
sviL9jW5ap3b+pNuCd1gBo/4pkWtCWLG4NrjodNBpV9uPbq3OGlH/uiLvREIEIEhgAtWe+0rZ9c=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Feb 2021 16:04:13 GMT
server
AmazonS3
x-timer
S1615418220.072067,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
C8F8CDB2E50EC716
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
80
x-cache-hits
344552
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2296 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
115
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418220.073934,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
274
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2296 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
104
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418220.074026,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
256
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 2296 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
98
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418220.081605,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
33
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 0B1C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D0b8cd14f-8086-...
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D0b8cd14f-8086-40cb-93dd-ffbba4a0afe1&isDirect=0
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418223.794006,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11542-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=0b8cd14f-8086-40cb-93dd-ffbba4a0afe1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D0b8cd14f-8086-40cb-93dd-ffbba4a0afe1&isDirect=0
tbl-x-upstream
10.41.34.201:10213
date
Wed, 10 Mar 2021 23:17:02 GMT
server
nginx
x-fastly-to-nlb-rtt
12537
sync.php
pixel.rubiconproject.com/exchange/ Frame 0B1C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 0B1C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Y7TQNcKWs2BL&ev=1&orig=trc&pid=562107
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Y7TQNcKWs2BL&ev=1&orig=trc&pid=562107
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.64:10213
date
Wed, 10 Mar 2021 23:17:04 GMT
server
nginx
x-fastly-to-nlb-rtt
16776

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Y7TQNcKWs2BL&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-568ff9c7d-9zkw9
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 0B1C
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1086387011141840971&orig=trc
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1086387011141840971&orig=trc
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.175:10213
date
Wed, 10 Mar 2021 23:17:00 GMT
server
nginx
x-fastly-to-nlb-rtt
12537

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:00 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.74:80
AN-X-Request-Uuid
98e31d42-c19c-4672-b380-fec50a633957
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1086387011141840971&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 0B1C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDd5ILL0QnY6jgTp11G1B3I&google_cver=1
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDd5ILL0QnY6jgTp11G1B3I&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 10 Mar 2021 23:17:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418220.126053,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19176-FRA

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDd5ILL0QnY6jgTp11G1B3I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0B1C 		42 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb:$UID
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:00 GMT
X-lat
lhrpug004:0:622
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 0B1C
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
tbl-x-upstream
10.41.22.84:10213
date
Wed, 10 Mar 2021 23:17:00 GMT
server
nginx
x-fastly-to-nlb-rtt
12537
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 0B1C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1
0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 10 Mar 2021 23:17:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418220.124831,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19176-FRA

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=67b1b6df-019c-49a0-bc4c-1ddc783a2eb1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 0B1C
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:00 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:00 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 0B1C 		49 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-568ff9c7d-qgcgl
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 0B1C 		43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=0&gdpr_consent=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:16:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
dsp.adkernel.com/ Frame 0B1C 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:00 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
put
e1.emxdgt.com/ Frame 0B1C 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:01 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0B1C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=26e30104-62da-4d34-84b8-ff8aba9ecbe3
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=26e30104-62da-4d34-84b8-ff8aba9ecbe3
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Wed, 10 Mar 2021 23:17:00 GMT
server
nginx
x-fastly-to-nlb-rtt
12527

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=26e30104-62da-4d34-84b8-ff8aba9ecbe3
cache-control
no-cache
date
Wed, 10 Mar 2021 23:16:59 GMT
server-processing-duration-in-ticks
1544
content-type
text/html; charset=utf-8
content-length
222
expires
Wed, 10 Mar 2021 00:00:00 GMT
3.gif
id5-sync.com/c/464/441/5/ Frame 0B1C
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO-7urk47ug9VJhs8oQ6wQuO88V3DdbBD6oTUnEw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=598a6a51-0f8a-4fb0-b42f-7f00ce996f1d&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/441/5/3.gif?puid=e_35050552-47db-4d3b-8a01-24e92c14db0c&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/441/5/3.gif?puid=e_35050552-47db-4d3b-8a01-24e92c14db0c&gdpr=1&gdpr_consent=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.31 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p22.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:16:59 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/c/464/441/5/3.gif?puid=e_35050552-47db-4d3b-8a01-24e92c14db0c&gdpr=1&gdpr_consent=
date
Wed, 10 Mar 2021 23:17:00 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 0B1C
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=NeBNnvguAp-_kVaebFNJYA
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=NeBNnvguAp-_kVaebFNJYA
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Wed, 10 Mar 2021 23:17:01 GMT
server
nginx
x-fastly-to-nlb-rtt
12548

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=NeBNnvguAp-_kVaebFNJYA
date
Wed, 10 Mar 2021 23:17:00 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 0B1C 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:44 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
/
cds.taboola.com/ Frame 0B1C 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_r=7011426
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 10 Mar 2021 23:17:03 GMT
Cache-Control
no-store
Server
nginx
Connection
close
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 0B1C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=5d58a125-6ed4-4b30-87e7-d34c4391bba2&ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=156&expires=14&user_id=5d58a125-6ed4-4b30-87e7-d34c4391bba2&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2df7608c-1bd5-49d3-8a7d-567be129a473
0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2df7608c-1bd5-49d3-8a7d-567be129a473
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.127:10213
date
Wed, 10 Mar 2021 23:17:12 GMT
server
nginx
x-fastly-to-nlb-rtt
17650

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=2df7608c-1bd5-49d3-8a7d-567be129a473
date
Wed, 10 Mar 2021 23:17:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
khaos.jpg
token.rubiconproject.com/ Frame 7F2C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
6155a0b571f450fff528c95212775914.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2296 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6155a0b571f450fff528c95212775914.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
fe1cfab2241bf6b22d0de2c308b3f3ca947944f9d1bc12b803b27cb69be6eb9d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:00 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1052250
edge-cache-tag
570034449167588780080531064111846429003,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 07 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6155a0b571f450fff528c95212775914.jpg
content-length
19030
x-served-by
cache-dca17725-DCA, cache-dca12928-DCA, cache-fra19176-FRA
last-modified
Thu, 04 Feb 2021 15:50:48 GMT
server
cloudinary
x-timer
S1615418220.242964,VS0,VE1
etag
"1d1ce71ebd72fb7b4875fd6385ff6f08"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame 2296 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b818625aee61e4d04927a4a01b12bce36fcfff5d23c1cc342519bb8b5ac6edb4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:00 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1465333
edge-cache-tag
434627008199126008315450987453179400199,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
21383
x-request-id
9da6ea283fe3d593c35ad1a5e2fba995
x-served-by
cache-dca17760-DCA, cache-dca17735-DCA, cache-fra19176-FRA
last-modified
Sun, 14 Feb 2021 15:04:15 GMT
server
cloudinary
x-timer
S1615418220.274623,VS0,VE1
etag
"e4fa7e7fe471d54fa9af4ba7b333c594"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
c0b5c291af84d7a27f9b6d678804147b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2296 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0b5c291af84d7a27f9b6d678804147b.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a1bf8cefe720501fe04c7ed7062dccc699865cb6b1fa26ac7367c480a01433d1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:00 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3248795
edge-cache-tag
553947460388111162971575673121527654964,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Wed, 03 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0b5c291af84d7a27f9b6d678804147b.jpg
content-length
16389
x-served-by
cache-dca17769-DCA, cache-dca12927-DCA, cache-fra19176-FRA
last-modified
Sun, 03 Jan 2021 15:43:33 GMT
server
cloudinary
x-timer
S1615418220.307028,VS0,VE1
etag
"4959bdb4d970ad2a604355bde98499ae"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 2296 		254 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11954
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1615418220.122947,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
80
x-cache-hits
7398
6155a0b571f450fff528c95212775914.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2296 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6155a0b571f450fff528c95212775914.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
fe1cfab2241bf6b22d0de2c308b3f3ca947944f9d1bc12b803b27cb69be6eb9d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:00 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1052250
edge-cache-tag
570034449167588780080531064111846429003,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 07 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6155a0b571f450fff528c95212775914.jpg
content-length
19030
x-served-by
cache-dca17725-DCA, cache-dca12928-DCA, cache-fra19176-FRA
last-modified
Thu, 04 Feb 2021 15:50:48 GMT
server
cloudinary
x-timer
S1615418220.340670,VS0,VE0
etag
"1d1ce71ebd72fb7b4875fd6385ff6f08"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame 2296 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b818625aee61e4d04927a4a01b12bce36fcfff5d23c1cc342519bb8b5ac6edb4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:00 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1465333
edge-cache-tag
434627008199126008315450987453179400199,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
21383
x-request-id
9da6ea283fe3d593c35ad1a5e2fba995
x-served-by
cache-dca17760-DCA, cache-dca17735-DCA, cache-fra19176-FRA
last-modified
Sun, 14 Feb 2021 15:04:15 GMT
server
cloudinary
x-timer
S1615418220.366529,VS0,VE0
etag
"e4fa7e7fe471d54fa9af4ba7b333c594"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
c0b5c291af84d7a27f9b6d678804147b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2296 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0b5c291af84d7a27f9b6d678804147b.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a1bf8cefe720501fe04c7ed7062dccc699865cb6b1fa26ac7367c480a01433d1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:00 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3248795
edge-cache-tag
553947460388111162971575673121527654964,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Wed, 03 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0b5c291af84d7a27f9b6d678804147b.jpg
content-length
16389
x-served-by
cache-dca17769-DCA, cache-dca12927-DCA, cache-fra19176-FRA
last-modified
Sun, 03 Jan 2021 15:43:33 GMT
server
cloudinary
x-timer
S1615418220.371866,VS0,VE0
etag
"4959bdb4d970ad2a604355bde98499ae"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
loader.js
cdn.taboola.com/libtrc/botasot970x250gr-r17261818/ Frame A835 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef56ce02a8b74885fb23125c02e3a5cce50efd028fdcfdcb6e208f4c0fdfa201

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
THCo_9xzFhR5VtmgO.IWGjvNrJ_FymDx
content-encoding
gzip
etag
"503df050a1339cb63f834cb5ab3a86de"
age
35
x-cache
HIT
content-length
19068
x-amz-id-2
TzvtwAkZEGkPHVdQ2sGqgI6eEPDdFpAUCeR5dcLzcOUSjXU9vsGL0TiWvXKnh1bQCjnmg78iaJw=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:21:51 GMT
server
AmazonS3
x-timer
S1615418220.397241,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
TAG33RE211PTJXDQ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
2
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame A835 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418220.436911,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7113
loader.js
cdn.taboola.com/libtrc/botasot160x600gr-r17261820/ Frame 90B2 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot160x600gr-r17261820/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74675d52f118edeefb40f2818b7d4110077d232f20ac3d186849c36f4f0c6198

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mJbNJ.iZq4TMLbGH9d5FeDYrJ8_6Ju9n
content-encoding
gzip
etag
"fae1a79aa2197593e7aee6324f6ed4e3"
age
0
x-cache
HIT
content-length
19065
x-amz-id-2
Pyy8U25kIY9sv8uB9NcWTf3RfitHKRL98nbO2tTbocWYRfW/tN4TNlXsW5pd9n9AL2jMkZV6diQ=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:07:27 GMT
server
AmazonS3
x-timer
S1615418220.460420,VS0,VE103
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
FXDZVQZ4HP6Y2N5N
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
1
loader.js
cdn.taboola.com/libtrc/botasot970x250gr-r17261818/ Frame 3509 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef56ce02a8b74885fb23125c02e3a5cce50efd028fdcfdcb6e208f4c0fdfa201

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
THCo_9xzFhR5VtmgO.IWGjvNrJ_FymDx
content-encoding
gzip
etag
"503df050a1339cb63f834cb5ab3a86de"
age
35
x-cache
HIT
content-length
19068
x-amz-id-2
TzvtwAkZEGkPHVdQ2sGqgI6eEPDdFpAUCeR5dcLzcOUSjXU9vsGL0TiWvXKnh1bQCjnmg78iaJw=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:21:51 GMT
server
AmazonS3
x-timer
S1615418221.567218,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
TAG33RE211PTJXDQ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
3
loader.js
cdn.taboola.com/libtrc/botasot728x90gr-r17261817/ Frame 887A 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a5a184ca35df04733fd7c1121b0bba5e9b35d2564fb143fae525755dcf6c6da

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fCGtfkhnge6Zua0w6J2xhWPwXdsYmiCN
content-encoding
gzip
etag
"91032aa38348049b9b58992846dbb296"
age
0
x-cache
HIT
content-length
19219
x-amz-id-2
YxkcYkTiUaAdRfI7cbVu4PxOe719RB448Z7xlZw3RVa6eMmzgV/Zt6Cm0oopy1gOmsGdO/tAyD0=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:07:23 GMT
server
AmazonS3
x-timer
S1615418221.598124,VS0,VE150
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
VYE1B92196P6TGCH
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
3
loader.js
cdn.taboola.com/libtrc/botasot728x90gr-r17261817/ Frame F7D2 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a5a184ca35df04733fd7c1121b0bba5e9b35d2564fb143fae525755dcf6c6da

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fCGtfkhnge6Zua0w6J2xhWPwXdsYmiCN
content-encoding
gzip
etag
"91032aa38348049b9b58992846dbb296"
age
0
x-cache
HIT
content-length
19219
x-amz-id-2
YxkcYkTiUaAdRfI7cbVu4PxOe719RB448Z7xlZw3RVa6eMmzgV/Zt6Cm0oopy1gOmsGdO/tAyD0=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:07:23 GMT
server
AmazonS3
x-timer
S1615418221.603942,VS0,VE144
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
VYE1B92196P6TGCH
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
3
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame 90B2 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot160x600gr-r17261820/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418221.606403,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7114
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame 3509 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418221.645982,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7115
loader.js
cdn.taboola.com/libtrc/botasot728x90gr-r17261817/ Frame 24F6 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a5a184ca35df04733fd7c1121b0bba5e9b35d2564fb143fae525755dcf6c6da

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fCGtfkhnge6Zua0w6J2xhWPwXdsYmiCN
content-encoding
gzip
etag
"91032aa38348049b9b58992846dbb296"
age
0
x-cache
HIT
content-length
19219
x-amz-id-2
YxkcYkTiUaAdRfI7cbVu4PxOe719RB448Z7xlZw3RVa6eMmzgV/Zt6Cm0oopy1gOmsGdO/tAyD0=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:07:23 GMT
server
AmazonS3
x-timer
S1615418221.684849,VS0,VE63
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
VYE1B92196P6TGCH
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
3
loader.js
cdn.taboola.com/libtrc/botasot728x90gr-r17261817/ Frame BA67 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a5a184ca35df04733fd7c1121b0bba5e9b35d2564fb143fae525755dcf6c6da

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fCGtfkhnge6Zua0w6J2xhWPwXdsYmiCN
content-encoding
gzip
etag
"91032aa38348049b9b58992846dbb296"
age
0
x-cache
HIT
content-length
19219
x-amz-id-2
YxkcYkTiUaAdRfI7cbVu4PxOe719RB448Z7xlZw3RVa6eMmzgV/Zt6Cm0oopy1gOmsGdO/tAyD0=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:07:23 GMT
server
AmazonS3
x-timer
S1615418221.782458,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
VYE1B92196P6TGCH
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
6
loader.js
cdn.taboola.com/libtrc/botasot728x90gr-r17261817/ Frame D502 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a5a184ca35df04733fd7c1121b0bba5e9b35d2564fb143fae525755dcf6c6da

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fCGtfkhnge6Zua0w6J2xhWPwXdsYmiCN
content-encoding
gzip
etag
"91032aa38348049b9b58992846dbb296"
age
0
x-cache
HIT
content-length
19219
x-amz-id-2
YxkcYkTiUaAdRfI7cbVu4PxOe719RB448Z7xlZw3RVa6eMmzgV/Zt6Cm0oopy1gOmsGdO/tAyD0=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:07:23 GMT
server
AmazonS3
x-timer
S1615418221.782442,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
VYE1B92196P6TGCH
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
6
loader.js
cdn.taboola.com/libtrc/botasot728x90gr-r17261817/ Frame FE9C 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a5a184ca35df04733fd7c1121b0bba5e9b35d2564fb143fae525755dcf6c6da

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fCGtfkhnge6Zua0w6J2xhWPwXdsYmiCN
content-encoding
gzip
etag
"91032aa38348049b9b58992846dbb296"
age
0
x-cache
HIT
content-length
19219
x-amz-id-2
YxkcYkTiUaAdRfI7cbVu4PxOe719RB448Z7xlZw3RVa6eMmzgV/Zt6Cm0oopy1gOmsGdO/tAyD0=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:07:23 GMT
server
AmazonS3
x-timer
S1615418221.782429,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
VYE1B92196P6TGCH
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
6
loader.js
cdn.taboola.com/libtrc/botasot728x90gr-r17261817/ Frame A5B2 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a5a184ca35df04733fd7c1121b0bba5e9b35d2564fb143fae525755dcf6c6da

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fCGtfkhnge6Zua0w6J2xhWPwXdsYmiCN
content-encoding
gzip
etag
"91032aa38348049b9b58992846dbb296"
age
0
x-cache
HIT
content-length
19219
x-amz-id-2
YxkcYkTiUaAdRfI7cbVu4PxOe719RB448Z7xlZw3RVa6eMmzgV/Zt6Cm0oopy1gOmsGdO/tAyD0=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:07:23 GMT
server
AmazonS3
x-timer
S1615418221.813915,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
VYE1B92196P6TGCH
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
7
crum
dsum-sec.casalemedia.com/ Frame 91FB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YElTbFnmkIijbW0hWGmsVgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMHjKppksYc1k3JjCpdGQjs&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMHjKppksYc1k3JjCpdGQjs&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Mar 2021 23:17:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMHjKppksYc1k3JjCpdGQjs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 91FB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_user_id=YElTbFnmkIijbW0hWGmsVgAA&cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 91FB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YElTbFnmkIijbW0hWGmsVgAABI8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YElTbFnmkIijbW0hWGmsVgAABI8AAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YElTbFnmkIijbW0hWGmsVgAABI8AAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:08 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:08 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YElTbFnmkIijbW0hWGmsVgAABI8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 91FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YElTbFnmkIijbW0hWGmsVgAABI8AAAAB
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YElTbFnmkIijbW0hWGmsVgAABI8AAAAB&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECzp3YHk3V2Ogey03yvqgLY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECzp3YHk3V2Ogey03yvqgLY&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 10 Mar 2021 23:17:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECzp3YHk3V2Ogey03yvqgLY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
noop
px.owneriq.net/ Frame 91FB
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6687046361955203987&uid=Q6687046361955203987&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.62.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-62-154.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:16 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Wed, 10 Mar 2021 23:17:16 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 91FB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1618010230
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1618010230
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Mar 2021 23:17:10 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:09 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1618010230
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 91FB
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=617A396F2AD841E29D30506442C2A5B7&gdpr=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=617A396F2AD841E29D30506442C2A5B7&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Mar 2021 23:17:00 GMT

Redirect headers

date
Wed, 10 Mar 2021 23:17:00 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=617A396F2AD841E29D30506442C2A5B7&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 09 Mar 2021 23:17:00 GMT
um
u-ams02.e-planning.net/ Frame 91FB 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=6ae8b76685acde3e&uid=YElTbFnmkIijbW0hWGmsVgAA%261167
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:00 GMT
server
openresty
content-type
image/gif
cs&eq_cc=1
um2.eqads.com/um/ Frame 9AE7
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6ae8b76685acde3e%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.167.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-167-1.compute-1.amazonaws.com
Software
/
Resource Hash
67f567184f55cbfdb53a8ff71c5c7be414dd76478abd0ee9460928be6b9e52c3

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=c6236928-00e1-4cbc-b185-d3e16af7f1a6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum.casalemedia.com/

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Wed, 10 Mar 2021 23:17:02 GMT
pragma
no-cache

Redirect headers

date
Wed, 10 Mar 2021 23:17:01 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=c6236928-00e1-4cbc-b185-d3e16af7f1a6; Path=/; Domain=eqads.com; Expires=Thu, 10 Jun 2021 23:17:01 GMT; Secure; SameSite=None
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame 887A 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418221.817159,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7116
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame F7D2 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418221.817276,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7117
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame 24F6 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418221.845153,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7119
loader.js
cdn.taboola.com/libtrc/botasot300x600gr-r17261822/ Frame D06E 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/botasot300x600gr-r17261822/loader.js
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a15b5b07dccbcbd1315ccc6021d94fca6280c4b8bc1d2c1dcf47b7a96cad58

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z_zkckG.8uinauUqpq1QaM4TesJuUB.L
content-encoding
gzip
etag
"2735272c148d74fc9b0a80993c7a058b"
age
46
x-cache
HIT
content-length
19237
x-amz-id-2
swIm416dMJWkXdeK5ycus7uGBqFSP+5QNcM7JuLKNV2ILhvkLpMPcQ7sZphy2n71Y9Y9J+P2FDQ=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 16:21:48 GMT
server
AmazonS3
x-timer
S1615418221.855188,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
HG7TDD0SSFA2CTYA
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
2
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame FE9C 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418221.865014,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7120
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame BA67 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418221.882719,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7121
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame D502 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418221.886246,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7122
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame A5B2 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418221.899789,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
61
x-cache-hits
7123
cc.js
tags.crwdcntrl.net/c/15238/ Frame B37F 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 10 Mar 2021 16:08:05 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
25739
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 a198ea04052d45eb515f27260bc6c05d.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
ZGI5z77vnlBfDCKiyF04GHOt4jwGY13j9t-OcxMR48B6IZgWYIRwDw==
040321.html
s.e-planning.net/esb/4/0/1992d/35972623d90583f7/ Frame 9ADD 		1 KB
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/35972623d90583f7/040321.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
bf63f443c1c0aaf69fb46c8b660b6d87b7aaeb10ad631f8785b8eebb95cfcd75

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/35972623d90583f7/040321.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Wed, 10 Mar 2021 23:17:00 GMT
content-type
text/html
last-modified
Thu, 04 Mar 2021 13:54:04 GMT
etag
W/"6040e67c-4c9"
expires
Mon, 09 Mar 2026 23:17:00 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame BF3B 		0
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 10 Mar 2021 23:17:01 GMT
content-type
text/html; charset=utf-8
content-length
0
set-cookie
__cfduid=da1eccd71e5c5f953f94d3f002d3fc4c71615418220; expires=Fri, 09-Apr-21 23:17:00 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-request-id
08c006f961000005d849869000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1dgGic57Qa3OOTq8F6SA%2FK6Savj%2FeIoYZMrg5a%2FQFClHi9a2VbSlE2EwUd6WSabI6tNY1MB0Yafr7%2Fm%2FZJg7Tc1QuPug7j2Bs74AAUuUUjhJIHMeJHMqiHdEIMc90zc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
62e041089bd705d8-FRA
setuid
rtb.adxpremium.services/ Frame 0B8F
Redirect Chain
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5/ct?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AATvTG4nezhKj3ly
0
702 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AATvTG4nezhKj3ly
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AATvTG4nezhKj3ly
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 10 Mar 2021 23:17:01 GMT
content-length
0
set-cookie
__cfduid=dcff80ab7c991fd3f8a7e7fbbc93fc61f1615418220; expires=Fri, 09-Apr-21 23:17:00 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax SSCookie=1; Path=/; Expires=Tue, 08 Jun 2021 23:17:00 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQUFUdlRHNG5lemhLajNseSIsImV4cGlyZXMiOiIyMDIxLTAzLTI0VDIzOjE3OjAwLjk5NTMzNzgyNloifX0sImJkYXkiOiIyMDIxLTAzLTEwVDIzOjE3OjAwLjk5NTMyODY0NloifQ==; Path=/; Domain=adxpremium.services; Expires=Tue, 08 Jun 2021 23:17:00 GMT; Secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
08c006f99500006467ec8be000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8OKaP%2B41cskFJA6q1RSvNoT19YPt8U7kC3da017Dq58K6gWLjcwWmmEXEeXii0uY0Y1KIQtvRLXCRGHsNs9v5rIXOaHSxRAvQs%2F4H8XI4vwpPUp5BY1NckzPvLT30Pgfs63V5w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
62e04108ed436467-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
openresty
date
Wed, 10 Mar 2021 23:17:00 GMT
content-type
text/html; charset=iso-8859-1
location
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AATvTG4nezhKj3ly
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AATvTG4nezhKj3ly; path=/; domain=e-planning.net; expires=Wed, 08-Mar-2028 23:17:00 GMT; SameSite=None; Secure
expires
Wed, 10 Mar 2021 23:17:00 GMT
x-sid
AMS-739
impl.20210309-9-RELEASE.js
cdn.taboola.com/libtrc/ Frame D06E 		469 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot300x600gr-r17261822/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xM_jL7h6ZB3QjV_JB3da2vLQ4nyQbNxG
content-encoding
br
etag
"75c949375e72662c18ea42e8379a148a"
age
3144
x-cache
HIT
content-length
110346
x-amz-id-2
G86cXMEznKwNNbHXgG05DYkJeJje4+ojjYW/2Th++bKvtDjRV7BKnd0IphODGlzphKMIR7f1CV8=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 14:16:13 GMT
server
AmazonS3-br
x-timer
S1615418221.936284,VS0,VE0
date
Wed, 10 Mar 2021 23:17:00 GMT
vary
Accept-Encoding
x-amz-request-id
SPW0TM05CY8RD98Z
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
80
x-cache-hits
7124
json
trc.taboola.com/botasot970x250gr-r17261818/trc/3/ Frame A835 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot970x250gr-r17261818/trc/3/json?tim=00%3A17%3A00.998&lti=deflated&data=%7B%22id%22%3A196%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306906703%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A970%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A970%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217261818%22%2C%22orig_uip%22%3A%2217261818%22%2C%22cd%22%3A0%2C%22mw%22%3A970%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
86885355084c1416066cda2dff11ee1095c58031d649dc6ad30bc2fe71995525

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
101
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418221.011634,VS0,VE101
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cdb
bidder.criteo.com/ 		0
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=105&profileId=206&cb=36880579216
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.botasot.info
date
Wed, 10 Mar 2021 23:17:08 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
visible
trc.taboola.com/botasot970x250gr-r17261818/log/3/ Frame 2296 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot970x250gr-r17261818/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418221.093649,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/botasot970x250gr-r17261818/log/3/ Frame 2296 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot970x250gr-r17261818/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418221.096418,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame A835 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5df44de896d25576e570ac24051479b357cde2e4786c72fb7dad521ad2f531f4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
N1vqc1ua2vRcwDPanmfC_5JX.Is4VuJf
content-encoding
gzip
etag
"a0644a48c475235e8cee44daad7d08f7"
age
6025
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4320
x-amz-id-2
iXkKPOwJ1VPOBTAi25nuYMxJpDlVBj2OLKCGNhrWV+Xl+KQ0HGyr7ATNYRpF3+HKYp8nzgjfiEc=
x-served-by
cache-fra19176-FRA
last-modified
Mon, 01 Mar 2021 13:36:16 GMT
server
AmazonS3
x-timer
S1615418221.152256,VS0,VE0
date
Wed, 10 Mar 2021 23:17:01 GMT
vary
Accept-Encoding
x-amz-request-id
9F7AAE89FC9AEF49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
80
x-cache-hits
33430
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame A835 		3 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b57eca495e606d6a5b71d039f54b48f95b24ecfab0e885f0834df9647988211f

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wesQ.pLLtqiqMPOAo87CHMJBm6LJzidh
content-encoding
gzip
etag
"a13f67361cd19b638bb3083cf688d732"
age
25935
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
748
x-amz-id-2
sviL9jW5ap3b+pNuCd1gBo/4pkWtCWLG4NrjodNBpV9uPbq3OGlH/uiLvREIEIEhgAtWe+0rZ9c=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Feb 2021 16:04:13 GMT
server
AmazonS3
x-timer
S1615418221.152328,VS0,VE0
date
Wed, 10 Mar 2021 23:17:01 GMT
vary
Accept-Encoding
x-amz-request-id
C8F8CDB2E50EC716
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
80
x-cache-hits
344562
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A835 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
116
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418221.153700,VS0,VE0
date
Wed, 10 Mar 2021 23:17:01 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
277
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A835 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
105
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418221.153739,VS0,VE0
date
Wed, 10 Mar 2021 23:17:01 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
259
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A835 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
100
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418221.157750,VS0,VE0
date
Wed, 10 Mar 2021 23:17:01 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
35
tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame 2D2F
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
  • https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
49 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.253.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:01 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.75
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:01 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
cache-control
no-cache
x-server
10.45.2.222
content-length
0
expires
0
35702
tags.bluekai.com/site/ Frame 2D2F 		62 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35702?id=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.41.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-41-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:03 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
5126
Content-Type
image/gif
mw
mwzeom.zeotap.com/ Frame 2D2F 		95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=$0&gdpr_consent=$
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
62e0410a59874a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006fa7600004a7a21169000000001
sync
odr.mookie1.com/t/v2/ Frame 2D2F 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=0&gdpr_consent=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
trc.taboola.com/sg/neustar/1/ Frame 2D2F
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
  • https://d.agkn.com/pixel/10751/?che=1615418221&ip=217.138.207.140&l1=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fneustar%2F1%2Fcm%3Ftaboola_hm%3D164910103721001781767
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164910103721001781767
43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164910103721001781767
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418222.381038,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:01 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164910103721001781767
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
ea06d28accb74e1daaa47eed2da67c9c
i.liadm.com/s/e/64716/0/ Frame 2D2F
Redirect Chain
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_li_chk=true&previous_uuid=4448d5358d0d4f809380c8914f3c9aee
  • https://i.liadm.com/s/64716?bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&previous_uuid=31fd89aab08149528f28a51ad39e32e1
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F64716%2F0%2Fea06d28accb74e1daaa47eed2da67c9c%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&4448d535-8d0d-4f80-9380-c891...
  • https://i.liadm.com/s/e/64716/0/ea06d28accb74e1daaa47eed2da67c9c?mpid=7156&muid=ab446049-536d-4200-830e-53a82c00b871
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/64716/0/ea06d28accb74e1daaa47eed2da67c9c?mpid=7156&muid=ab446049-536d-4200-830e-53a82c00b871
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.157.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:01 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Wed, 10 Mar 2021 23:17:56 GMT
Server
MT3 3611 f10363c master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/64716/0/ea06d28accb74e1daaa47eed2da67c9c?mpid=7156&muid=ab446049-536d-4200-830e-53a82c00b871
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Mar 2021 23:17:55 GMT
1000.gif
idsync.rlcdn.com/ Frame 2D2F
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3617235367833370639
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNzIzNTM2NzgzMzM3MDYzORAAGg0I8KalggYSBQjoBxAAQgBKAA
42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNzIzNTM2NzgzMzM3MDYzORAAGg0I8KalggYSBQjoBxAAQgBKAA
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Mar 2021 23:17:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

date
Wed, 10 Mar 2021 23:17:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNzIzNTM2NzgzMzM3MDYzORAAGg0I8KalggYSBQjoBxAAQgBKAA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
/
loadm.exelator.com/load/ Frame 2D2F
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&xl8blockcheck=1
0
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&xl8blockcheck=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Wed, 10 Mar 2021 23:17:02 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
mw
mwzeom.zeotap.com/ Frame 2D2F 		95 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=211dc01dd08ac56e91a977a2d3271ee78b685e2ed580aa7d2f5b9a68c9b3d45c&gdpr=$0&gdpr_consent=$
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
62e0410ffed94a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c006fdfc00004a7a57b86000000001
sync
ups.analytics.yahoo.com/ups/55973/ Frame 2D2F
Redirect Chain
  • https://pixel.advertising.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1
  • https://pixel.advertising.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&apid=UPba4ba710-81f6-11eb-bd98-02d6f46eda30
0
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&apid=UPba4ba710-81f6-11eb-bd98-02d6f46eda30
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:05 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&apid=UPba4ba710-81f6-11eb-bd98-02d6f46eda30
date
Wed, 10 Mar 2021 23:17:05 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
cds.taboola.com/ Frame 2D2F 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_r=6846558
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 10 Mar 2021 23:17:07 GMT
Cache-Control
no-store
Server
nginx
Connection
close
json
trc.taboola.com/botasot160x600gr-r17261820/trc/3/ Frame 90B2 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot160x600gr-r17261820/trc/3/json?tim=00%3A17%3A01.153&lti=deflated&data=%7B%22id%22%3A757%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306040468%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A160%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A160%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217261820%22%2C%22orig_uip%22%3A%2217261820%22%2C%22cd%22%3A0%2C%22mw%22%3A160%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3283b47498994013d6cf3e8ec0ddc30217d6a1fdadc4f99311a6dff0647abb68

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
103
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418221.166144,VS0,VE103
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A835 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b05b8653fe0c61908a5be84f57513f446424990a425ea48f02af7708f02f0de1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1009324
edge-cache-tag
437979102097564947015754295813812764157,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length
59892
x-request-id
19877842b4b1693021946d9e307ae71a
x-served-by
cache-wdc5571-WDC, cache-dca17727-DCA, cache-fra19176-FRA
last-modified
Thu, 11 Feb 2021 14:59:24 GMT
server
cloudinary
x-timer
S1615418222.419665,VS0,VE0
etag
"eeae32cf57f0776fcf0ddca351f4cd5a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
450a41d471fb85bd920a3e31caeb7bda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A835 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/450a41d471fb85bd920a3e31caeb7bda.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a31f86c8412c094e0cad4f8780467f94afc919c606d7c7f34777bc5998d1225a

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1593794
edge-cache-tag
551213328688149424177003321265328307476,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 22 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/450a41d471fb85bd920a3e31caeb7bda.jpg
content-length
15492
x-served-by
cache-dca17766-DCA, cache-dca17781-DCA, cache-fra19176-FRA
last-modified
Fri, 22 Jan 2021 22:15:38 GMT
server
cloudinary
x-timer
S1615418222.451138,VS0,VE1
etag
"4e34a1a15ab9d8c24ad1ec1eda02a59c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame A835 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b818625aee61e4d04927a4a01b12bce36fcfff5d23c1cc342519bb8b5ac6edb4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1465335
edge-cache-tag
434627008199126008315450987453179400199,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
21383
x-request-id
9da6ea283fe3d593c35ad1a5e2fba995
x-served-by
cache-dca17760-DCA, cache-dca17735-DCA, cache-fra19176-FRA
last-modified
Sun, 14 Feb 2021 15:04:15 GMT
server
cloudinary
x-timer
S1615418222.484640,VS0,VE0
etag
"e4fa7e7fe471d54fa9af4ba7b333c594"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame A835 		254 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11955
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1615418221.196179,VS0,VE0
date
Wed, 10 Mar 2021 23:17:01 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
80
x-cache-hits
7400
json
trc.taboola.com/botasot970x250gr-r17261818/trc/3/ Frame 3509 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot970x250gr-r17261818/trc/3/json?tim=00%3A17%3A01.189&lti=deflated&data=%7B%22id%22%3A505%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306906703%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A970%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A970%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217261818%22%2C%22orig_uip%22%3A%2217261818%22%2C%22cd%22%3A0%2C%22mw%22%3A970%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4b6679091b5ea4512385d6f4ebe09e43dd3e9b0bc93df257543b5a009b634d7f

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
74
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418221.201869,VS0,VE74
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 90B2 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot160x600gr-r17261820/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
117
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418223.516277,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
281
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 90B2 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot160x600gr-r17261820/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418223.546859,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
263
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 90B2 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot160x600gr-r17261820/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
101
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418223.577722,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
36
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 3509 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5df44de896d25576e570ac24051479b357cde2e4786c72fb7dad521ad2f531f4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
N1vqc1ua2vRcwDPanmfC_5JX.Is4VuJf
content-encoding
gzip
etag
"a0644a48c475235e8cee44daad7d08f7"
age
6027
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4320
x-amz-id-2
iXkKPOwJ1VPOBTAi25nuYMxJpDlVBj2OLKCGNhrWV+Xl+KQ0HGyr7ATNYRpF3+HKYp8nzgjfiEc=
x-served-by
cache-fra19176-FRA
last-modified
Mon, 01 Mar 2021 13:36:16 GMT
server
AmazonS3
x-timer
S1615418223.609075,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
9F7AAE89FC9AEF49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
80
x-cache-hits
33438
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 3509 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b57eca495e606d6a5b71d039f54b48f95b24ecfab0e885f0834df9647988211f

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wesQ.pLLtqiqMPOAo87CHMJBm6LJzidh
content-encoding
gzip
etag
"a13f67361cd19b638bb3083cf688d732"
age
25935
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
748
x-amz-id-2
sviL9jW5ap3b+pNuCd1gBo/4pkWtCWLG4NrjodNBpV9uPbq3OGlH/uiLvREIEIEhgAtWe+0rZ9c=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Feb 2021 16:04:13 GMT
server
AmazonS3
x-timer
S1615418221.314249,VS0,VE0
date
Wed, 10 Mar 2021 23:17:01 GMT
vary
Accept-Encoding
x-amz-request-id
C8F8CDB2E50EC716
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
80
x-cache-hits
344566
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 3509 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
117
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418223.639088,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
282
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 3509 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418223.668564,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
264
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 3509 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot970x250gr-r17261818/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
101
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418223.703100,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
37
6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 90B2 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
560ca35f988f022a89cd9dfcf91b054aa6ba19c955c586c18b99955605fa2ba6

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
650941
edge-cache-tag
437979102097564947015754295813812764157,536520885600430275674102715245236517759,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 14 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length
22097
x-served-by
cache-dca17723-DCA, cache-dca17725-DCA, cache-fra19176-FRA
last-modified
Thu, 11 Feb 2021 09:50:55 GMT
server
cloudinary
x-timer
S1615418223.733795,VS0,VE1
etag
"255976696bc272fbfcbcd5c27f1c69b5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame 90B2 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b72b2f311fe5a6ef3a74c7f7d8804b4486c4f8f07bdacddbe83a4a2512bf7f24

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1118097
edge-cache-tag
434627008199126008315450987453179400199,536520885600430275674102715245236517759,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 27 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
7198
x-served-by
cache-dca17721-DCA, cache-dca12925-DCA, cache-fra19176-FRA
last-modified
Wed, 27 Jan 2021 10:28:49 GMT
server
cloudinary
x-timer
S1615418223.769377,VS0,VE1
etag
"be5c7beb9167e7ee2fe83950664a2a79"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
f021591dc32e69a2ecbb8230a98bda6d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 90B2 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f021591dc32e69a2ecbb8230a98bda6d.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e499f623d6a22d125b3e52d53b859e9cd21d8433933dca047bb16b7a9f509bf0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
484591
edge-cache-tag
373083302329019568297745335337664459287,536520885600430275674102715245236517759,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 13 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f021591dc32e69a2ecbb8230a98bda6d.jpg
content-length
8992
x-served-by
cache-dca17722-DCA, cache-dca17732-DCA, cache-fra19176-FRA
last-modified
Wed, 10 Feb 2021 20:25:49 GMT
server
cloudinary
x-timer
S1615418223.801587,VS0,VE1
etag
"a94a244fe1f358defef854a4d2b36c8f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3509 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b05b8653fe0c61908a5be84f57513f446424990a425ea48f02af7708f02f0de1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1009324
edge-cache-tag
437979102097564947015754295813812764157,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length
59892
x-request-id
19877842b4b1693021946d9e307ae71a
x-served-by
cache-wdc5571-WDC, cache-dca17727-DCA, cache-fra19176-FRA
last-modified
Thu, 11 Feb 2021 14:59:24 GMT
server
cloudinary
x-timer
S1615418223.830318,VS0,VE0
etag
"eeae32cf57f0776fcf0ddca351f4cd5a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame 3509 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b818625aee61e4d04927a4a01b12bce36fcfff5d23c1cc342519bb8b5ac6edb4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1465336
edge-cache-tag
434627008199126008315450987453179400199,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
21383
x-request-id
9da6ea283fe3d593c35ad1a5e2fba995
x-served-by
cache-dca17760-DCA, cache-dca17735-DCA, cache-fra19176-FRA
last-modified
Sun, 14 Feb 2021 15:04:15 GMT
server
cloudinary
x-timer
S1615418223.832724,VS0,VE0
etag
"e4fa7e7fe471d54fa9af4ba7b333c594"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
84b5004a0139f504aea1f9137e064aa2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3509 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84b5004a0139f504aea1f9137e064aa2.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
6bbd8776f329aff7f2dbf1fa3e7d849bec5a0e96e66939810e9b9362292d1a98

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
746640
edge-cache-tag
443315867572456920628136890446220819839,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 28 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84b5004a0139f504aea1f9137e064aa2.jpg
content-length
12916
x-served-by
cache-dca17768-DCA, cache-dca17727-DCA, cache-fra19176-FRA
last-modified
Thu, 25 Feb 2021 01:18:41 GMT
server
cloudinary
x-timer
S1615418223.862320,VS0,VE1
etag
"33200283cfe19bdb60dcce96fccf3d8c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
json
trc.taboola.com/botasot728x90gr-r17261817/trc/3/ Frame 887A 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/trc/3/json?tim=00%3A17%3A01.363&lti=deflated&data=%7B%22id%22%3A561%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306038817%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%2217261817%22%2C%22orig_uip%22%3A%2217261817%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44ce81d4948d8b8511354d7b6921946da055dc0ca99046388551af07dc68121e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
52
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418221.376396,VS0,VE52
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/botasot728x90gr-r17261817/trc/3/ Frame F7D2 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/trc/3/json?tim=00%3A17%3A01.389&lti=deflated&data=%7B%22id%22%3A496%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306038817%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%2217261817%22%2C%22orig_uip%22%3A%2217261817%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4b37db983b2afed7778537cc96822d2b31e3b7f6fc8801bdb2c80b54a60da499

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
64
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418221.402599,VS0,VE64
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/botasot728x90gr-r17261817/trc/3/ Frame 24F6 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/trc/3/json?tim=00%3A17%3A01.405&lti=deflated&data=%7B%22id%22%3A877%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306038817%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%2217261817%22%2C%22orig_uip%22%3A%2217261817%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
220c489cbfc8f3cdcd8130e543fb3062048a3690942f676f69f6827e1bc287b1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
58
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418221.417933,VS0,VE58
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/botasot728x90gr-r17261817/trc/3/ Frame FE9C 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/trc/3/json?tim=00%3A17%3A01.441&lti=deflated&data=%7B%22id%22%3A965%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306038817%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217261817%22%2C%22orig_uip%22%3A%2217261817%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7fca7eccf3644f92f2ccb0c738f57b8dfd33f701a95660d44a26b1d1df03269

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
86
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418221.455065,VS0,VE86
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 887A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
118
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418223.862551,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
284
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 887A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418223.897667,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
266
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 887A 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
101
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418223.897669,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
38
json
trc.taboola.com/botasot728x90gr-r17261817/trc/3/ Frame BA67 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/trc/3/json?tim=00%3A17%3A01.459&lti=deflated&data=%7B%22id%22%3A916%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306038817%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%2217261817%22%2C%22orig_uip%22%3A%2217261817%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1d548aec1182959f65cc03c41d9a16d1559713b4cbe19251b7e666aded0c24ff

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
59
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418221.473084,VS0,VE59
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/botasot728x90gr-r17261817/trc/3/ Frame D502 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/trc/3/json?tim=00%3A17%3A01.461&lti=deflated&data=%7B%22id%22%3A769%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306038817%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217261817%22%2C%22orig_uip%22%3A%2217261817%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d684e9df04d0a7c98d296fc9fb55b4c441bfd1d8581494107261225198885460

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
67
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418221.473723,VS0,VE67
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/botasot728x90gr-r17261817/trc/3/ Frame A5B2 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/trc/3/json?tim=00%3A17%3A01.470&lti=deflated&data=%7B%22id%22%3A308%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306038817%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%2217261817%22%2C%22orig_uip%22%3A%2217261817%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0566aef81cb147afc12499af01c1d2ddc551b85a836f9beb8046ba61d6a4479d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
57
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418221.483990,VS0,VE57
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame F7D2 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
118
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418223.914842,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
285
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame F7D2 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418223.930482,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
267
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame F7D2 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
101
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418223.930467,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
39
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 24F6 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
118
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418223.944690,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
286
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 24F6 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418223.962173,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
268
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 24F6 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
101
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418223.962843,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
40
json
trc.taboola.com/botasot300x600gr-r17261822/trc/3/ Frame D06E 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot300x600gr-r17261822/trc/3/json?tim=00%3A17%3A01.514&lti=deflated&data=%7B%22id%22%3A946%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1615306906791%2C%22vi%22%3A1615418219933%2C%22cv%22%3A%2220210309-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.botasot.info%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A300%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217261822%22%2C%22orig_uip%22%3A%2217261822%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
813dc8564f01d90d722ecd79acfae7d2ada529fba8abb8011eaa5924481f5f59

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
250
date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
server
nginx
x-timer
S1615418222.528085,VS0,VE250
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame BA67 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
118
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418223.974397,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
287
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame BA67 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418223.993130,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
269
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame BA67 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
101
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418223.994120,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
41
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A5B2 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
118
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418223.005681,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
288
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A5B2 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418223.022989,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
270
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A5B2 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
101
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418223.026832,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
42
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D502 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
118
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418223.035347,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
289
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D502 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418223.052711,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
271
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D502 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
101
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418223.057215,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
43
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame FE9C 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
118
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418223.066035,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
290
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame FE9C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
107
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418223.083071,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
272
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame FE9C 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot728x90gr-r17261817/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
101
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418223.086918,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
44
6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D502 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e03105e3b885f27053e6c98019e3215db12b131f95c2131d694659ea7fd9048e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
136
date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1161017
edge-cache-tag
437979102097564947015754295813812764157,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 28 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length
9186
x-served-by
cache-dca17746-DCA, cache-dca17724-DCA, cache-fra19176-FRA
last-modified
Thu, 28 Jan 2021 20:39:04 GMT
server
cloudinary
x-timer
S1615418223.097990,VS0,VE136
etag
"7ea15fa5b13c2ba495cfdb0c02029081"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame D502 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d69e4613222d88125f9d23bd14c029de07a0fa7310bc6311ea4924b1fa7af2b6

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3001401
edge-cache-tag
434627008199126008315450987453179400199,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
3903
x-request-id
60667a78308bcb389b1e1ab9506e9dfb
x-served-by
cache-dca17764-DCA, cache-dca17757-DCA, cache-fra19176-FRA
last-modified
Fri, 15 Jan 2021 13:57:00 GMT
server
cloudinary
x-timer
S1615418223.112905,VS0,VE1
etag
"4a3a1259a925fafa233e79e3bc4ce2df"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
25a4eacb6ed68590bffbd3c2eb17a930.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D502 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25a4eacb6ed68590bffbd3c2eb17a930.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
58a40c31deb57f74ee51c955910e9e0325b468b52d242dfb3fe5d641d0f36e9a

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1215909
edge-cache-tag
415010131478755822490915829808796452486,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25a4eacb6ed68590bffbd3c2eb17a930.jpg
content-length
3960
x-request-id
776f032e8288824ac0da54cc00034b62
x-served-by
cache-dca17721-DCA, cache-dca17722-DCA, cache-fra19176-FRA
last-modified
Tue, 26 Jan 2021 06:38:28 GMT
server
cloudinary
x-timer
S1615418223.151368,VS0,VE1
etag
"71e37454647dc53998c64289ba14caa0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame FE9C 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e03105e3b885f27053e6c98019e3215db12b131f95c2131d694659ea7fd9048e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
84
date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1161017
edge-cache-tag
437979102097564947015754295813812764157,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 28 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length
9186
x-served-by
cache-dca17746-DCA, cache-dca17724-DCA, cache-fra19176-FRA
last-modified
Thu, 28 Jan 2021 20:39:04 GMT
server
cloudinary
x-timer
S1615418223.150256,VS0,VE84
etag
"7ea15fa5b13c2ba495cfdb0c02029081"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
TB1706-TB1705_old_man_double_pinching_next_to_head_mirrored_1000x600_1000x600_a29f8293f49720501d0621a5d2259a48.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/ Frame FE9C 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB1706-TB1705_old_man_double_pinching_next_to_head_mirrored_1000x600_1000x600_a29f8293f49720501d0621a5d2259a48.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d16e8888a931b83d89e1a975d8f527cece87f9e758780aedc7ae60d05924d249

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2364066
edge-cache-tag
511631088070914122391253968142815346703,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 15 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB1706-TB1705_old_man_double_pinching_next_to_head_mirrored_1000x600_1000x600_a29f8293f49720501d0621a5d2259a48.png
content-length
4278
x-served-by
cache-dca17770-DCA, cache-dca17763-DCA, cache-fra19176-FRA
last-modified
Fri, 15 Jan 2021 08:13:45 GMT
server
cloudinary
x-timer
S1615418223.175031,VS0,VE1
etag
"2d74867072fe8e7d4fe7be2f60abbc57"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
hh_podtac2_1000x600_e15049f73ef0734f3eb88202f68f0126.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame FE9C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/hh_podtac2_1000x600_e15049f73ef0734f3eb88202f68f0126.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
ad6bcfd6e4d748fdd2ddf2c1cf9fd6f857e1bff90f98f0e09bbdb628bea98df8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
135849
edge-cache-tag
587867291821358482271503955748269177300,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/hh_podtac2_1000x600_e15049f73ef0734f3eb88202f68f0126.png
content-length
2735
x-request-id
4cec68cf01e7c2fec32050851f86cd53
x-served-by
cache-dca17726-DCA, cache-dca17753-DCA, cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 06:23:12 GMT
server
cloudinary
x-timer
S1615418223.183490,VS0,VE1
etag
"85c96fc0d713d511aaed7a634c2fe3b5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
sync.crwdcntrl.net/map/c=10924/tp=OOLA/ Frame 5E13 		49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.253.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:03 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.181
content-type
image/gif
content-length
49
expires
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 5E13
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=35ac4122-1345-40a6-ae47-b6c024152ca7
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=35ac4122-1345-40a6-ae47-b6c024152ca7&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D35ac4122-1345-...
0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=35ac4122-1345-40a6-ae47-b6c024152ca7&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D35ac4122-1345-40a6-ae47-b6c024152ca7&isDirect=0
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418223.305524,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11542-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=35ac4122-1345-40a6-ae47-b6c024152ca7&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D35ac4122-1345-40a6-ae47-b6c024152ca7&isDirect=0
tbl-x-upstream
10.41.14.127:10213
date
Wed, 10 Mar 2021 23:17:03 GMT
server
nginx
x-fastly-to-nlb-rtt
12526
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 5E13
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=KYbwSkB1ca9R&ev=1&orig=trc&pid=562107
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=KYbwSkB1ca9R&ev=1&orig=trc&pid=562107
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Wed, 10 Mar 2021 23:17:04 GMT
server
nginx
x-fastly-to-nlb-rtt
16776

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=KYbwSkB1ca9R&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-568ff9c7d-tdljf
expires
-1
35702
tags.bluekai.com/site/ Frame 5E13 		62 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35702?id=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.41.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-41-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:03 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
f030
Expires
Thu, 01 Dec 1994 16:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5E13 		95 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=$0&gdpr_consent=$
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
62e041175e494a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c007029700004a7a8abe2000000001
sync
odr.mookie1.com/t/v2/ Frame 5E13 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=0&gdpr_consent=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
trc.taboola.com/sg/neustar/1/ Frame 5E13
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
  • https://d.agkn.com/pixel/10751/?che=1615418223&ip=217.138.207.140&l1=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fneustar%2F1%2Fcm%3Ftaboola_hm%3D164910103721001781767
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164910103721001781767
43 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164910103721001781767
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:04 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418225.675542,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:03 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164910103721001781767
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
35759
i6.liadm.com/s/ Frame 5E13
Redirect Chain
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
  • https://i.liadm.com/s/64716?bidder_id=88068&bidder_uuid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&previous_uuid=70d6f5b389e046509e04e7f7cd05493c
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=447a2a1b-19c5-4a05-a863-dea7ae445a21
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=447a2a1b-19c5-4a05-a863-dea7ae445a21
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=447a2a1b-19c5-4a05-a863-dea7ae445a21
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:444a:4602:fff0:3de7:a67e:fe5f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:07 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=447a2a1b-19c5-4a05-a863-dea7ae445a21
Date
Wed, 10 Mar 2021 23:17:07 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5E13 		42 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb:$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:03 GMT
X-lat
lhrpug019:0:332
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
csync.ashx
ml314.com/ Frame 5E13
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3617235367822884909
  • https://ml314.com/csync.ashx?fp=&person_id=3617235367822884909&eid=50082
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=&person_id=3617235367822884909&eid=50082
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:03 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Thu, 11 Mar 2021 18:17:04 GMT

Redirect headers

date
Wed, 10 Mar 2021 23:17:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=&person_id=3617235367822884909&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5E13
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
tbl-x-upstream
10.40.0.175:10213
date
Wed, 10 Mar 2021 23:17:03 GMT
server
nginx
x-fastly-to-nlb-rtt
14788
rtset
bh.contextweb.com/bh/ Frame 5E13 		49 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-568ff9c7d-hqb7p
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 5E13 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=0&gdpr_consent=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:03 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
dsp.adkernel.com/ Frame 5E13 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:05 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
/
loadm.exelator.com/load/ Frame 5E13 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 5E13 		95 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=211dc01dd08ac56e91a977a2d3271ee78b685e2ed580aa7d2f5b9a68c9b3d45c&gdpr=$0&gdpr_consent=$
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
62e0411c7b824a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c00705d000004a7a8527c000000001
7.gif
id5-sync.com/c/464/101/1/ Frame 5E13
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://id5-sync.com/c/464/108/6/2.gif?puid=b8cea363-81f6-11eb-9b9e-8e9a66cd1a00&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO7ZYPZWaHjqFXSQ2SRoLvwI33dKCv9JHaqtisGQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO7ZYPZWaHjqFXSQ2SRoLvwI33dKCv9JHaqtisGQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fp...
  • https://id5-sync.com/cq/464/124/5/3.gif?puid=eed45463-43c8-476b-b01d-209a61566e26&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/441/4/4.gif?puid=e_35050552-47db-4d3b-8a01-24e92c14db0c&gdpr=1&gdpr_consent=
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1
  • https://id5-sync.com/c/464/9/3/5.gif?puid=Ze9iAqKODy4vVqA17ygFh9OHd941u9D9wcuyGl59Sw8&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/2/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/2/6.gif?puid=6730c1b6a0f1e40d634ddc96a35bf2a&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/1/7.gif?puid=98643657-d371-4c5f-8526-70f82c6b1f9c&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/101/1/7.gif?puid=98643657-d371-4c5f-8526-70f82c6b1f9c&gdpr=1&gdpr_consent=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.31 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p22.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:06 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/464/101/1/7.gif?puid=98643657-d371-4c5f-8526-70f82c6b1f9c&gdpr=1&gdpr_consent=
Date
Wed, 10 Mar 2021 23:17:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55973/ Frame 5E13
Redirect Chain
  • https://pixel.advertising.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1
  • https://pixel.advertising.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&apid=UPba4ba710-81f6-11eb-bd98-02d6f46eda30
0
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&apid=UPba4ba710-81f6-11eb-bd98-02d6f46eda30
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:05 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55973/sync?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_origin=1&apid=UPba4ba710-81f6-11eb-bd98-02d6f46eda30
date
Wed, 10 Mar 2021 23:17:05 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookiesync
bttrack.com/pixel/ Frame 5E13 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Wed, 10 Mar 2021 23:16:49 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 5E13
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=d7bfdeef-da5b-4dda-806a-96cfef091817&ssp=taboola&user_group=1
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=366&expires=14&user_id=d7bfdeef-da5b-4dda-806a-96cfef091817&ssp=taboola&user_group=1
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=80e25af2-365e-494a-aae0-f3e6bd6a8ed0
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=80e25af2-365e-494a-aae0-f3e6bd6a8ed0
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.201:10213
date
Wed, 10 Mar 2021 23:17:06 GMT
server
nginx
x-fastly-to-nlb-rtt
20179

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=80e25af2-365e-494a-aae0-f3e6bd6a8ed0
date
Wed, 10 Mar 2021 23:17:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame D06E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5df44de896d25576e570ac24051479b357cde2e4786c72fb7dad521ad2f531f4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
N1vqc1ua2vRcwDPanmfC_5JX.Is4VuJf
content-encoding
gzip
etag
"a0644a48c475235e8cee44daad7d08f7"
age
6029
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4320
x-amz-id-2
iXkKPOwJ1VPOBTAi25nuYMxJpDlVBj2OLKCGNhrWV+Xl+KQ0HGyr7ATNYRpF3+HKYp8nzgjfiEc=
x-served-by
cache-fra19176-FRA
last-modified
Mon, 01 Mar 2021 13:36:16 GMT
server
AmazonS3
x-timer
S1615418225.760211,VS0,VE0
date
Wed, 10 Mar 2021 23:17:04 GMT
vary
Accept-Encoding
x-amz-request-id
9F7AAE89FC9AEF49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
80
x-cache-hits
33450
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame D06E 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b57eca495e606d6a5b71d039f54b48f95b24ecfab0e885f0834df9647988211f

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wesQ.pLLtqiqMPOAo87CHMJBm6LJzidh
content-encoding
gzip
etag
"a13f67361cd19b638bb3083cf688d732"
age
25936
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
748
x-amz-id-2
sviL9jW5ap3b+pNuCd1gBo/4pkWtCWLG4NrjodNBpV9uPbq3OGlH/uiLvREIEIEhgAtWe+0rZ9c=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Feb 2021 16:04:13 GMT
server
AmazonS3
x-timer
S1615418222.824620,VS0,VE0
date
Wed, 10 Mar 2021 23:17:01 GMT
vary
Accept-Encoding
x-amz-request-id
C8F8CDB2E50EC716
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
80
x-cache-hits
344573
tfa-eid.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D06E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot300x600gr-r17261822/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JWOmKPIG2UIR8nmNEeG.1MSsQ8BFebha
content-encoding
gzip
etag
"1cc9c80314cc9bfce456671a2dfc192f"
age
120
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4856
x-amz-id-2
npPnOpkc8/L97nwmxZZ47P/rjjgCOqk4WWUgtzvX6Nx0xK/NGu9EZr5ufeqyCMtUVfgS8BjNT0U=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:33 GMT
server
AmazonS3
x-timer
S1615418225.791885,VS0,VE0
date
Wed, 10 Mar 2021 23:17:04 GMT
vary
Accept-Encoding
x-amz-request-id
PR2CQBRQ9QTBPS49
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
298
sha256.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D06E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot300x600gr-r17261822/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j_rmDFI31AhnAG3Pzo6ZjdlWorArBwFv
content-encoding
gzip
etag
"3883bb40a5cb1bc5b72a8e56c6cd650c"
age
109
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
uNUIAlhtjIbstVC2XHzwkfmkq253UNasynobm9hAATLGjHTMUAcnGxZeTy8yfz6/F/+gu29dq/E=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:43 GMT
server
AmazonS3
x-timer
S1615418225.832265,VS0,VE0
date
Wed, 10 Mar 2021 23:17:04 GMT
vary
Accept-Encoding
x-amz-request-id
DPHTX2M09K807573
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
280
userx.20210309-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame D06E 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210309-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/botasot300x600gr-r17261822/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ItxMunZwLGQz4brD488Nbjd3kxcYo3w1
content-encoding
gzip
etag
"774e17ccdfe8879c6af02c2a8857b4f6"
age
103
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7810
x-amz-id-2
MowpoNwtxAOt5wbj0XHFtij4N++cItwI7V7g5FUxWOPm70+nJngpTqD1YLIB00ua5QyvTdnxEjk=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 18:21:29 GMT
server
AmazonS3
x-timer
S1615418225.843668,VS0,VE0
date
Wed, 10 Mar 2021 23:17:04 GMT
vary
Accept-Encoding
x-amz-request-id
T1B81A9J91N1JWQ7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
47
sync.php
pixel.rubiconproject.com/exchange/ Frame 5E13 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 5E13
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2762784060102710731&orig=trc
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2762784060102710731&orig=trc
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Wed, 10 Mar 2021 23:17:04 GMT
server
nginx
x-fastly-to-nlb-rtt
16322

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:04 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.43:80
AN-X-Request-Uuid
a6b92504-89a8-41af-8c4f-193890dba339
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2762784060102710731&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 5E13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJ2nu_o3NJSdI5vD6XE4hxg&google_cver=1
0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJ2nu_o3NJSdI5vD6XE4hxg&google_cver=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 10 Mar 2021 23:17:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418222.870726,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19176-FRA

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJ2nu_o3NJSdI5vD6XE4hxg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 5E13
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=447a2a1b-19c5-4a05-a863-dea7ae445a21
0
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=447a2a1b-19c5-4a05-a863-dea7ae445a21
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418225.024552,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19176-FRA

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=447a2a1b-19c5-4a05-a863-dea7ae445a21
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 5E13
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:06 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:06 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
put
e1.emxdgt.com/ Frame 5E13 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:01 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 5E13
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=751fd759-717a-4f88-bb75-ce68598cbcf4
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=751fd759-717a-4f88-bb75-ce68598cbcf4
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.175:10213
date
Wed, 10 Mar 2021 23:17:05 GMT
server
nginx
x-fastly-to-nlb-rtt
21280

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=751fd759-717a-4f88-bb75-ce68598cbcf4
cache-control
no-cache
date
Wed, 10 Mar 2021 23:17:04 GMT
server-processing-duration-in-ticks
3711
content-type
text/html; charset=utf-8
content-length
222
expires
Wed, 10 Mar 2021 00:00:00 GMT
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 5E13
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=NeBNnvguAp-_kVaebFNJYA
0
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=NeBNnvguAp-_kVaebFNJYA
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.64:10213
date
Wed, 10 Mar 2021 23:17:02 GMT
server
nginx
x-fastly-to-nlb-rtt
12540

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=NeBNnvguAp-_kVaebFNJYA
date
Wed, 10 Mar 2021 23:17:01 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
/
cds.taboola.com/ Frame 5E13 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&_r=3658843
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 10 Mar 2021 23:17:08 GMT
Cache-Control
no-store
Server
nginx
Connection
close
tbp
15.taboola.com/ Frame D06E 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
998deffa9e59733ab3aa3dea37551528dfea298e9396415baf4d565c3b1579a4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Mar 2021 23:17:01 GMT
content-encoding
gzip
access-control-allow-origin
https://www.botasot.info
machineid
1429
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19176-FRA
pragma
no-cache
server
nginx
x-timer
S1615418222.845708,VS0,VE22
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
c41b656a3431046af8b811fce36d69ef.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c41b656a3431046af8b811fce36d69ef.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
afb455316e1d36d77c969767054da495eb62e07ca3aa9c294cbca4d884b5783d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
231879
edge-cache-tag
585055093914182757257663711956121478192,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c41b656a3431046af8b811fce36d69ef.jpg
content-length
8240
x-request-id
40c296a8b03d848a7ba1ea42f08ab9a5
x-served-by
cache-dca17747-DCA, cache-dca17724-DCA, cache-fra19176-FRA
last-modified
Sun, 07 Mar 2021 23:11:44 GMT
server
cloudinary
x-timer
S1615418225.379660,VS0,VE1
etag
"c168d6b0bff1cd830d3a3b17e72f2b16"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
23cee3c8f24e3dd38458d96be6b69da6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23cee3c8f24e3dd38458d96be6b69da6.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1c0aca0dc9ccf96e2bd24487fbb0d46d79cde33ca8b6503cd3abbbe6f9a37aa8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
216
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
396185
edge-cache-tag
445538431394916110028708307389928599430,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 12 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23cee3c8f24e3dd38458d96be6b69da6.jpg
content-length
4196
x-served-by
cache-dca17783-DCA, cache-dca17755-DCA, cache-fra19176-FRA
last-modified
Tue, 09 Feb 2021 10:53:08 GMT
server
cloudinary
x-timer
S1615418225.409687,VS0,VE216
etag
"5121016544bd5555cac5a8a7ac6be3fa"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
les-photos-de-vacances-sexy-de-vos-animatrices-tele-preferees-tatiana-silva.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//voi.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Ea... Frame D06E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//voi.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2FVOI.2F2019.2F09.2F20.2Fda2ab17c-139a-4598-8461-0a19634ff3fb.2Ejpeg/620x414/quality/65/les-photos-de-vacances-sexy-de-vos-animatrices-tele-preferees-tatiana-silva.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
55d49225938521783c199e55a742fc0e8f89da430747bf1e2700154648915251

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
505207
edge-cache-tag
560484133364502194926710232792006819167,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 19 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//voi.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2FVOI.2F2019.2F09.2F20.2Fda2ab17c-139a-4598-8461-0a19634ff3fb.2Ejpeg/620x414/quality/65/les-photos-de-vacances-sexy-de-vos-animatrices-tele-preferees-tatiana-silva.jpg
content-length
4614
x-served-by
cache-dca17767-DCA, cache-dca17742-DCA, cache-fra19176-FRA
last-modified
Tue, 16 Feb 2021 01:28:23 GMT
server
cloudinary
x-timer
S1615418225.411364,VS0,VE1
etag
"0a335f55130d37ff0790ccf585b125d3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
507f3c56fff823e1105d7634cf1bed4e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/507f3c56fff823e1105d7634cf1bed4e.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
0524f274d66315c3d31a90235b2948d4876c10582443d1b0ee01ccbeecc6b3d4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
87
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
36128
edge-cache-tag
553778773050484444481670429977366857170,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/507f3c56fff823e1105d7634cf1bed4e.jpg
content-length
3880
x-request-id
3212df5081d5a90249f4becf5434562f
x-served-by
cache-dca17759-DCA, cache-dca17773-DCA, cache-fra19176-FRA
last-modified
Fri, 05 Mar 2021 11:27:35 GMT
server
cloudinary
x-timer
S1615418225.442781,VS0,VE87
etag
"63c0fbabf0ddb1b40fdbe81cd8c3d020"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
e3d81d6fe1c05d99ade799a0de52b03e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3d81d6fe1c05d99ade799a0de52b03e.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
04ef6f69df2865ee7903dfb0a1f1bb977028ba3d825e785af8fa4134a320eab0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
341890
edge-cache-tag
352802890765880297422630733855355953261,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 12 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3d81d6fe1c05d99ade799a0de52b03e.jpg
content-length
3795
x-served-by
cache-dca17777-DCA, cache-dca12920-DCA, cache-fra19176-FRA
last-modified
Tue, 09 Feb 2021 11:45:54 GMT
server
cloudinary
x-timer
S1615418226.558898,VS0,VE1
etag
"a2db4b33631ba3814080d005e7650798"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
5de684c4835734207dd605cc0d4b8d85.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5de684c4835734207dd605cc0d4b8d85.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c4ebbe6b28dd61ca389f7a99a6c1d4f3134ebfe2f2211fa39d26776e00bed713

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
384069
edge-cache-tag
468273360552253466671268636801390219445,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Thu, 01 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5de684c4835734207dd605cc0d4b8d85.jpg
content-length
5623
x-served-by
cache-dca17721-DCA, cache-dca17767-DCA, cache-fra19176-FRA
last-modified
Mon, 01 Mar 2021 19:56:34 GMT
server
cloudinary
x-timer
S1615418226.589334,VS0,VE1
etag
"8c77a9239c628a30f3e58c27a0f1e3a5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ Frame D06E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront), 1.1 varnish
age
2650583
x-amz-meta-mtime
1580720676
x-cache
RefreshHit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-hhn11542-HHN
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1615418226.623901,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
wmzh0cDjDIUcI3Wel4tio7NVrqgrg1rCz2Rz1knjAiGHpx_HwKnRPQ==
x-cache-hits
1611482
crum
dsum-sec.casalemedia.com/ Frame 9AE7 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=c6236928-00e1-4cbc-b185-d3e16af7f1a6&expiration=1623367022
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Mar 2021 23:17:07 GMT
bulk
trc.taboola.com/botasot970x250gr-r17261818/log/3/ Frame A835 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot970x250gr-r17261818/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418222.165796,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/botasot160x600gr-r17261820/log/3/ Frame 90B2 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot160x600gr-r17261820/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418222.320979,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/botasot970x250gr-r17261818/log/3/ Frame 3509 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot970x250gr-r17261818/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418222.325931,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/botasot160x600gr-r17261820/log/3/ Frame 90B2 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot160x600gr-r17261820/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418222.339021,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A835 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b05b8653fe0c61908a5be84f57513f446424990a425ea48f02af7708f02f0de1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1009327
edge-cache-tag
437979102097564947015754295813812764157,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length
59892
x-request-id
19877842b4b1693021946d9e307ae71a
x-served-by
cache-wdc5571-WDC, cache-dca17727-DCA, cache-fra19176-FRA
last-modified
Thu, 11 Feb 2021 14:59:24 GMT
server
cloudinary
x-timer
S1615418226.652375,VS0,VE0
etag
"eeae32cf57f0776fcf0ddca351f4cd5a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
bulk
trc.taboola.com/botasot728x90gr-r17261817/log/3/ Frame 887A 		0
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418222.473821,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
450a41d471fb85bd920a3e31caeb7bda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A835 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/450a41d471fb85bd920a3e31caeb7bda.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a31f86c8412c094e0cad4f8780467f94afc919c606d7c7f34777bc5998d1225a

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1593797
edge-cache-tag
551213328688149424177003321265328307476,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 22 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/450a41d471fb85bd920a3e31caeb7bda.jpg
content-length
15492
x-served-by
cache-dca17766-DCA, cache-dca17781-DCA, cache-fra19176-FRA
last-modified
Fri, 22 Jan 2021 22:15:38 GMT
server
cloudinary
x-timer
S1615418226.656818,VS0,VE0
etag
"4e34a1a15ab9d8c24ad1ec1eda02a59c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:05 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 05 Mar 2022 23:17:05 GMT
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:05 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 05 Mar 2022 23:17:05 GMT
bulk
trc.taboola.com/botasot728x90gr-r17261817/log/3/ Frame F7D2 		0
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418223.526798,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/botasot728x90gr-r17261817/log/3/ Frame 24F6 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418223.528605,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame A835 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b818625aee61e4d04927a4a01b12bce36fcfff5d23c1cc342519bb8b5ac6edb4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1465338
edge-cache-tag
434627008199126008315450987453179400199,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
21383
x-request-id
9da6ea283fe3d593c35ad1a5e2fba995
x-served-by
cache-dca17760-DCA, cache-dca17735-DCA, cache-fra19176-FRA
last-modified
Sun, 14 Feb 2021 15:04:15 GMT
server
cloudinary
x-timer
S1615418226.719861,VS0,VE0
etag
"e4fa7e7fe471d54fa9af4ba7b333c594"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 5
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9C22 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=32271
Expires
Thu, 11 Mar 2021 08:14:53 GMT
Date
Wed, 10 Mar 2021 23:17:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
bulk
trc.taboola.com/botasot728x90gr-r17261817/log/3/ Frame BA67 		0
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418223.593657,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 90B2 		254 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11956
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1615418223.616566,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
80
x-cache-hits
7401
bulk
trc.taboola.com/botasot728x90gr-r17261817/log/3/ Frame A5B2 		0
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418223.619952,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/botasot728x90gr-r17261817/log/3/ Frame D502 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418223.620599,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/botasot728x90gr-r17261817/log/3/ Frame FE9C 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot728x90gr-r17261817/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418223.620775,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9C22 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7743f6ae21df46ecc854e614b61ae5d699cdb322d4a25bf6c7173a6cb1729cd6

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:02 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ05WJo-5P4i2cowxSdYLrk&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ05WJo-5P4i2cowxSdYLrk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:03 GMT
X-lat
amspug016:0:436
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ05WJo-5P4i2cowxSdYLrk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 9C22 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 09 Mar 2021 23:17:02 GMT
usersync.aspx
dis.criteo.com/dis/ Frame C2F8 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 10 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1247
x-powered-by
ASP.NET
date
Wed, 10 Mar 2021 23:17:02 GMT
content-length
43
pubmatic
d5p.de17a.com/getuid/ Frame 19E9 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.180 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ab446049-536d-4200-830e-53a82c00b871&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ab446049-536d-4200-830e-53a82c00b871&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:02 GMT
X-lat
lhrpug011:0:508
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 10 Mar 2021 23:17:57 GMT
Server
MT3 3611 f10363c master cdg-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ab446049-536d-4200-830e-53a82c00b871&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Mar 2021 23:17:56 GMT
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame F7C7 		43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.13.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Wed, 10 Mar 2021 23:17:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame EE22
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6938168445746477198
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6938168445746477198
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156631:4; KADUSERCOOKIE=C36F9046-E764-4A78-B59A-7F603746D88C; chkChromeAb67Sec=1; DPSync3=1616544000%3A227_226_221_201; SyncRTB3=1617926400%3A203%7C1616198400%3A63%7C1616544000%3A220_13_8_56_166_22_88_204_7_54_71_5_161_3_55_81_99_189_222_78_165_21_176%7C1615939200%3A15_2_67_223%7C1616630400%3A35; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&16736-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&23019-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&23114-uid:ab446049-536d-4200-830e-53a82c00b871; KRTBCOOKIE_1074=22956-e_35050552-47db-4d3b-8a01-24e92c14db0c; KRTBCOOKIE_107=1471-uid:mTbvcC7t1Lk84C5; KRTBCOOKIE_377=6810-151cb0b5-417b-48f6-a06f-660daa69fe8c&KRTB&22918-151cb0b5-417b-48f6-a06f-660daa69fe8c&KRTB&23031-151cb0b5-417b-48f6-a06f-660daa69fe8c; KRTBCOOKIE_22=14911-2621760102267229147; KRTBCOOKIE_391=22924-7768427892952043446&KRTB&23263-7768427892952043446; KRTBCOOKIE_594=17105-RX-5528d09e-a202-472c-90a9-e9d262864760-003&KRTB&17107-RX-5528d09e-a202-472c-90a9-e9d262864760-003; KRTBCOOKIE_218=22978-YElTbgAAAFLU01LS&KRTB&23194-YElTbgAAAFLU01LS&KRTB&23209-YElTbgAAAFLU01LS&KRTB&23244-YElTbgAAAFLU01LS; KRTBCOOKIE_1235=23226-9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb:$UID; PugT=1615418223; SPugT=1615418223; KRTBCOOKIE_409=22966-8Gw4EtpASaWQd6fzzvtKWc01&KRTB&23212-8Gw4EtpASaWQd6fzzvtKWc01; KRTBCOOKIE_80=16514-CAESEJ05WJo-5P4i2cowxSdYLrk&KRTB&22987-CAESEJ05WJo-5P4i2cowxSdYLrk&KRTB&23025-CAESEJ05WJo-5P4i2cowxSdYLrk; KRTBCOOKIE_153=19420-fwIbEHwBGUxkUB9MKgACTy1WTktkBhoZcVNkj-te&KRTB&22979-fwIbEHwBGUxkUB9MKgACTy1WTktkBhoZcVNkj-te; KRTBCOOKIE_57=22776-2762784060102710731
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 10 Mar 2021 23:17:05 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6938168445746477198; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 09-Apr-2021 23:17:05 GMT; path=/ PugT=1615418225; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 09-Apr-2021 23:17:05 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 08-Jun-2021 23:17:05 GMT; path=/
X-lat
lhrpug013:0:425
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 10 Mar 2021 23:17:05 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6938168445746477198; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6938168445746477198
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 05F7
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=8Gw4EtpASaWQd6fzzvtKWc01
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=8Gw4EtpASaWQd6fzzvtKWc01
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156631:4; KADUSERCOOKIE=C36F9046-E764-4A78-B59A-7F603746D88C; chkChromeAb67Sec=1; DPSync3=1616544000%3A227_226_221_201; SyncRTB3=1617926400%3A203%7C1616198400%3A63%7C1616544000%3A220_13_8_56_166_22_88_204_7_54_71_5_161_3_55_81_99_189_222_78_165_21_176%7C1615939200%3A15_2_67_223%7C1616630400%3A35; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 10 Mar 2021 23:17:03 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-8Gw4EtpASaWQd6fzzvtKWc01&KRTB&23212-8Gw4EtpASaWQd6fzzvtKWc01; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 09-Apr-2021 23:17:03 GMT; path=/ PugT=1615418223; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 09-Apr-2021 23:17:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 08-Jun-2021 23:17:03 GMT; path=/
X-lat
amspug010:0:354
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 10 Mar 2021 23:17:02 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=8Gw4EtpASaWQd6fzzvtKWc01; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=8Gw4EtpASaWQd6fzzvtKWc01
strict-transport-security
max-age=0; includeSubDomains;
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame FA99
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6352295811
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6352295811
  • https://sync.1rx.io/usersync/tradedesk/447a2a1b-19c5-4a05-a863-dea7ae445a21
  • https://sync.targeting.unrulymedia.com/csync/RX-5528d09e-a202-472c-90a9-e9d262864760-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5528d09e-a202-472c-90a9-e9d262864760-003
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5528d09e-a202-472c-90a9-e9d262864760-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156631:4; KADUSERCOOKIE=C36F9046-E764-4A78-B59A-7F603746D88C; chkChromeAb67Sec=1; DPSync3=1616544000%3A227_226_221_201; SyncRTB3=1617926400%3A203%7C1616198400%3A63%7C1616544000%3A220_13_8_56_166_22_88_204_7_54_71_5_161_3_55_81_99_189_222_78_165_21_176%7C1615939200%3A15_2_67_223%7C1616630400%3A35; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&16736-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&23019-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&23114-uid:ab446049-536d-4200-830e-53a82c00b871; PugT=1615418222; KRTBCOOKIE_1074=22956-e_35050552-47db-4d3b-8a01-24e92c14db0c; KRTBCOOKIE_107=1471-uid:mTbvcC7t1Lk84C5; KRTBCOOKIE_377=6810-151cb0b5-417b-48f6-a06f-660daa69fe8c&KRTB&22918-151cb0b5-417b-48f6-a06f-660daa69fe8c&KRTB&23031-151cb0b5-417b-48f6-a06f-660daa69fe8c; KRTBCOOKIE_22=14911-2621760102267229147; KRTBCOOKIE_391=22924-7768427892952043446&KRTB&23263-7768427892952043446
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 10 Mar 2021 23:17:02 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-5528d09e-a202-472c-90a9-e9d262864760-003&KRTB&17107-RX-5528d09e-a202-472c-90a9-e9d262864760-003; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 08-Jun-2021 23:17:02 GMT; path=/ PugT=1615418222; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 09-Apr-2021 23:17:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 08-Jun-2021 23:17:02 GMT; path=/
X-lat
lhrpug002:0:500
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Wed, 10 Mar 2021 23:17:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-5528d09e-a202-472c-90a9-e9d262864760-003%22%7D; path=/; expires=Thu, 10 Mar 2022 23:17:02 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5528d09e-a202-472c-90a9-e9d262864760-003
ETag
RX5528d09ea202472c90a9e9d262864760003
bridge
cm.adgrx.com/ Frame 96DA 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 10 Mar 2021 23:17:07 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-3
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 6591
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aInoeUqkaHrByktbZceDAdZb5qUr1budxsvnOLV5ZdZb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 10 Mar 2021 23:17:03 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=df063c7345dd97ff176d6f9606e846ab81615418222; expires=Fri, 09-Apr-21 23:17:02 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aJnseFp26Ub8e4OCbB8IIX9rMe37SDa6fc5p3FqSA9nUUCWFZbP22LQX4ejOnLfEGKCDlr44gcM12Ucf3eUi5; path=/; domain=.tribalfusion.com; expires=Tue, 08-Jun-2021 23:17:02 GMT; SameSite=None; Secure; ANON_ID_old=aJnseFp26Ub8e4OCbB8IIX9rMe37SDa6fc5p3FqSA9nUUCWFZbP22LQX4ejOnLfEGKCDlr44gcM12Ucf3eUi5; path=/; domain=.tribalfusion.com; expires=Tue, 08-Jun-2021 23:17:02 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08c007012f00004a9ebbbb3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e04115196c4a9e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 10 Mar 2021 23:17:02 GMT
content-type
text/html
set-cookie
__cfduid=df063c7345dd97ff176d6f9606e846ab81615418222; expires=Fri, 09-Apr-21 23:17:02 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aInoeUqkaHrByktbZceDAdZb5qUr1budxsvnOLV5ZdZb; path=/; domain=.tribalfusion.com; expires=Tue, 08-Jun-2021 23:17:02 GMT; SameSite=None; Secure; ANON_ID_old=aInoeUqkaHrByktbZceDAdZb5qUr1budxsvnOLV5ZdZb; path=/; domain=.tribalfusion.com; expires=Tue, 08-Jun-2021 23:17:02 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
33
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08c007007a00004a9e11045000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62e04113f8204a9e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 986F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=MXSV1ZexnqKu&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=MXSV1ZexnqKu&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156631:4; KADUSERCOOKIE=C36F9046-E764-4A78-B59A-7F603746D88C; chkChromeAb67Sec=1; DPSync3=1616544000%3A227_226_221_201; SyncRTB3=1617926400%3A203%7C1616198400%3A63%7C1616544000%3A220_13_8_56_166_22_88_204_7_54_71_5_161_3_55_81_99_189_222_78_165_21_176%7C1615939200%3A15_2_67_223%7C1616630400%3A35; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&16736-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&23019-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&23114-uid:ab446049-536d-4200-830e-53a82c00b871; KRTBCOOKIE_1074=22956-e_35050552-47db-4d3b-8a01-24e92c14db0c; KRTBCOOKIE_107=1471-uid:mTbvcC7t1Lk84C5; KRTBCOOKIE_377=6810-151cb0b5-417b-48f6-a06f-660daa69fe8c&KRTB&22918-151cb0b5-417b-48f6-a06f-660daa69fe8c&KRTB&23031-151cb0b5-417b-48f6-a06f-660daa69fe8c; KRTBCOOKIE_22=14911-2621760102267229147; KRTBCOOKIE_391=22924-7768427892952043446&KRTB&23263-7768427892952043446; KRTBCOOKIE_594=17105-RX-5528d09e-a202-472c-90a9-e9d262864760-003&KRTB&17107-RX-5528d09e-a202-472c-90a9-e9d262864760-003; KRTBCOOKIE_218=22978-YElTbgAAAFLU01LS&KRTB&23194-YElTbgAAAFLU01LS&KRTB&23209-YElTbgAAAFLU01LS&KRTB&23244-YElTbgAAAFLU01LS; KRTBCOOKIE_1235=23226-9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb:$UID; PugT=1615418223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 10 Mar 2021 23:17:04 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 08-Jun-2021 23:17:04 GMT; path=/
X-lat
lhrpug010:0:371
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-568ff9c7d-tfc72
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=MXSV1ZexnqKu&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=b8aa105136b7f168; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 0BD9
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
x-served-by
cache-hhn11542-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1615418223.793979,VS0,VE12
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb;Version=1;Path=/;Domain=.taboola.com;Expires=Thu, 10-Mar-2022 23:17:02 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
x-served-by
cache-fra19176-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1615418223.714071,VS0,VE9
x-vcl-time-ms
9
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 5718
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
154 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1615418222742; TapAd_DID=b8cea363-81f6-11eb-9b9e-8e9a66cd1a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Wed, 10 Mar 2021 23:17:02 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1615418222742;Expires=Sun, 09 May 2021 23:17:02 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=b8cea363-81f6-11eb-9b9e-8e9a66cd1a00;Expires=Sun, 09 May 2021 23:17:02 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame C77A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mTbvcC7t1Lk84C5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mTbvcC7t1Lk84C5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56140526&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156631:4; KADUSERCOOKIE=C36F9046-E764-4A78-B59A-7F603746D88C; chkChromeAb67Sec=1; DPSync3=1616544000%3A227_226_221_201; SyncRTB3=1617926400%3A203%7C1616198400%3A63%7C1616544000%3A220_13_8_56_166_22_88_204_7_54_71_5_161_3_55_81_99_189_222_78_165_21_176%7C1615939200%3A15_2_67_223%7C1616630400%3A35; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&16736-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&23019-uid:ab446049-536d-4200-830e-53a82c00b871&KRTB&23114-uid:ab446049-536d-4200-830e-53a82c00b871; PugT=1615418222
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 10 Mar 2021 23:17:02 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:mTbvcC7t1Lk84C5; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 08-Jun-2021 23:17:02 GMT; path=/ PugT=1615418222; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 09-Apr-2021 23:17:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 08-Jun-2021 23:17:02 GMT; path=/
X-lat
lhrpug015:0:421
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 10 Mar 2021 23:17:02 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:mTbvcC7t1Lk84C5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-015d5badb48c29580@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=mTbvcC7t1Lk84C5; Domain=.w55c.net; Expires=Sun, 10-Apr-2022 23:17:02 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Fri, 09-Apr-2021 23:17:02 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
um
u-ams02.e-planning.net/ Frame 11FD 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=6ae8b76685acde3e&uid=C36F9046-E764-4A78-B59A-7F603746D88C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method
GET
:authority
u-ams02.e-planning.net
:scheme
https
:path
/um?dc=a208d9366469aa64&fi=6ae8b76685acde3e&uid=C36F9046-E764-4A78-B59A-7F603746D88C
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=AATvTG4nezhKj3ly
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
openresty
date
Wed, 10 Mar 2021 23:17:02 GMT
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w2-QRudkSni1mn9gN0bYjA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=37238
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Thu, 11 Mar 2021 09:37:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9C22 		95 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C36F9046-E764-4A78-B59A-7F603746D88C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
62e04113eaba4a7a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08c007006e00004a7a3fa28000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 9C22
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C36F9046-E764-4A78-B59A-7F603746D88C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C36F9046-E764-4A78-B59A-7F603746D88C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C36F9046-E764-4A78-B59A-7F603746D88C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
frontend-id
12
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C36F9046-E764-4A78-B59A-7F603746D88C&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C36F9046-E764-4A78-B59A-7F603746D88C&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C36F9046-E764-4A78-B59A-7F603746D88C&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C36F9046-E764-4A78-B59A-7F603746D88C&addseg=12,35,41
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C36F9046-E764-4A78-B59A-7F603746D88C&addseg=12,35,41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:07 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C36F9046-E764-4A78-B59A-7F603746D88C&addseg=12,35,41
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzM2RjkwNDYtRTc2NC00QTc4LUI1OUEtN0Y2MDM3NDZEODhD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:04 GMT
X-lat
amspug020:0:377
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7768427892952043446
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7768427892952043446
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:02 GMT
X-lat
lhrpug003:0:511
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7768427892952043446
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=151cb0b5-417b-48f6-a06f-660daa69fe8c
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=151cb0b5-417b-48f6-a06f-660daa69fe8c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:02 GMT
X-lat
lhrpug007:0:529
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=151cb0b5-417b-48f6-a06f-660daa69fe8c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2762784060102710731&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2762784060102710731&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:03 GMT
X-lat
amspug008:0:319
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:03 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.236:80
AN-X-Request-Uuid
6b82d9d2-6f65-4cda-8455-6b2e353cfe14
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2762784060102710731&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C36F9046-E764-4A78-B59A-7F603746D88C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fUspNJZE2uVf5wEWU31rYPsHk_ADQWs-~A&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fUspNJZE2uVf5wEWU31rYPsHk_ADQWs-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Wed, 10 Mar 2021 23:17:08 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Wed, 10 Mar 2021 23:17:03 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-fUspNJZE2uVf5wEWU31rYPsHk_ADQWs-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
C36F9046-E764-4A78-B59A-7F603746D88C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9C22 		43 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C36F9046-E764-4A78-B59A-7F603746D88C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fwIbEHwBGUxkUB9MKgACTy1WTktkBhoZcVNkj-te
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fwIbEHwBGUxkUB9MKgACTy1WTktkBhoZcVNkj-te
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:03 GMT
X-lat
amspug009:0:415
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fwIbEHwBGUxkUB9MKgACTy1WTktkBhoZcVNkj-te
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2621760102267229147&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2621760102267229147&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:02 GMT
X-lat
lhrpug009:0:423
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2621760102267229147&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a96f9a37-9fab-4597-8a7e-3db8a28a5357&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a1875ab0-b09e-47cd-81c7-9ceb3bbd6acd&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a1875ab0-b09e-47cd-81c7-9ceb3bbd6acd&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:05 GMT
X-lat
lhrpug013:0:823
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a1875ab0-b09e-47cd-81c7-9ceb3bbd6acd&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 10 Mar 2021 23:17:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YElTbgAAAFLU01LS&gdpr=0&gdpr_consent=&_test=YElTbgAAAFLU01LS
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YElTbgAAAFLU01LS&gdpr=0&gdpr_consent=&_test=YElTbgAAAFLU01LS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:02 GMT
X-lat
lhrpug001:0:448
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615418223.933811,VS0,VE0
x-served-by
cache-hhn4039-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YElTbgAAAFLU01LS&gdpr=0&gdpr_consent=&_test=YElTbgAAAFLU01LS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:10 GMT
X-lat
amspug020:0:390
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:09 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9C22 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C36F9046-E764-4A78-B59A-7F603746D88C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:365de2b4-3016-4545-adc7-a5a97b75b159&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:365de2b4-3016-4545-adc7-a5a97b75b159&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:03 GMT
X-lat
lhrpug006:0:395
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:365de2b4-3016-4545-adc7-a5a97b75b159&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 10 Mar 2021 23:17:03 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4942300043002063965
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4942300043002063965
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:02 GMT
X-lat
lhrpug013:0:360
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:03 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid
5b95e995-9ce4-42d3-8e3c-0329c5836fbd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4942300043002063965
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_35050552-47db-4d3b-8a01-24e92c14db0c
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_35050552-47db-4d3b-8a01-24e92c14db0c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:02 GMT
X-lat
lhrpug004:0:409
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_35050552-47db-4d3b-8a01-24e92c14db0c
date
Wed, 10 Mar 2021 23:17:02 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 3509 		254 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11956
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1615418223.745648,VS0,VE0
date
Wed, 10 Mar 2021 23:17:02 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
80
x-cache-hits
7402
6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 90B2 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
560ca35f988f022a89cd9dfcf91b054aa6ba19c955c586c18b99955605fa2ba6

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
650944
edge-cache-tag
437979102097564947015754295813812764157,536520885600430275674102715245236517759,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 14 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length
22097
x-served-by
cache-dca17723-DCA, cache-dca17725-DCA, cache-fra19176-FRA
last-modified
Thu, 11 Feb 2021 09:50:55 GMT
server
cloudinary
x-timer
S1615418226.721422,VS0,VE0
etag
"255976696bc272fbfcbcd5c27f1c69b5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame 90B2 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b72b2f311fe5a6ef3a74c7f7d8804b4486c4f8f07bdacddbe83a4a2512bf7f24

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1118100
edge-cache-tag
434627008199126008315450987453179400199,536520885600430275674102715245236517759,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 27 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
7198
x-served-by
cache-dca17721-DCA, cache-dca12925-DCA, cache-fra19176-FRA
last-modified
Wed, 27 Jan 2021 10:28:49 GMT
server
cloudinary
x-timer
S1615418226.749569,VS0,VE0
etag
"be5c7beb9167e7ee2fe83950664a2a79"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
visible
trc.taboola.com/botasot300x600gr-r17261822/log/3/ Frame D06E 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot300x600gr-r17261822/log/3/visible?route=AM%3AHK%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
218
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418223.841355,VS0,VE218
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/botasot300x600gr-r17261822/log/3/ Frame D06E 		0
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/botasot300x600gr-r17261822/log/3/bulk?route=AM%3AHK%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
196
pragma
no-cache
date
Wed, 10 Mar 2021 23:17:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1615418223.842077,VS0,VE196
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f021591dc32e69a2ecbb8230a98bda6d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 90B2 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f021591dc32e69a2ecbb8230a98bda6d.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e499f623d6a22d125b3e52d53b859e9cd21d8433933dca047bb16b7a9f509bf0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
484594
edge-cache-tag
373083302329019568297745335337664459287,536520885600430275674102715245236517759,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 13 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f021591dc32e69a2ecbb8230a98bda6d.jpg
content-length
8992
x-served-by
cache-dca17722-DCA, cache-dca17732-DCA, cache-fra19176-FRA
last-modified
Wed, 10 Feb 2021 20:25:49 GMT
server
cloudinary
x-timer
S1615418226.750605,VS0,VE0
etag
"a94a244fe1f358defef854a4d2b36c8f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3509 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b05b8653fe0c61908a5be84f57513f446424990a425ea48f02af7708f02f0de1

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1009327
edge-cache-tag
437979102097564947015754295813812764157,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length
59892
x-request-id
19877842b4b1693021946d9e307ae71a
x-served-by
cache-wdc5571-WDC, cache-dca17727-DCA, cache-fra19176-FRA
last-modified
Thu, 11 Feb 2021 14:59:24 GMT
server
cloudinary
x-timer
S1615418226.781909,VS0,VE0
etag
"eeae32cf57f0776fcf0ddca351f4cd5a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 5
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame 3509 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b818625aee61e4d04927a4a01b12bce36fcfff5d23c1cc342519bb8b5ac6edb4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1465339
edge-cache-tag
434627008199126008315450987453179400199,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
21383
x-request-id
9da6ea283fe3d593c35ad1a5e2fba995
x-served-by
cache-dca17760-DCA, cache-dca17735-DCA, cache-fra19176-FRA
last-modified
Sun, 14 Feb 2021 15:04:15 GMT
server
cloudinary
x-timer
S1615418226.781900,VS0,VE0
etag
"e4fa7e7fe471d54fa9af4ba7b333c594"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 6
84b5004a0139f504aea1f9137e064aa2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3509 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84b5004a0139f504aea1f9137e064aa2.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
6bbd8776f329aff7f2dbf1fa3e7d849bec5a0e96e66939810e9b9362292d1a98

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
746643
edge-cache-tag
443315867572456920628136890446220819839,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 28 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84b5004a0139f504aea1f9137e064aa2.jpg
content-length
12916
x-served-by
cache-dca17768-DCA, cache-dca17727-DCA, cache-fra19176-FRA
last-modified
Thu, 25 Feb 2021 01:18:41 GMT
server
cloudinary
x-timer
S1615418226.815401,VS0,VE0
etag
"33200283cfe19bdb60dcce96fccf3d8c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame D502 		254 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11957
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1615418223.151502,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
80
x-cache-hits
7403
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame FE9C 		254 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11957
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1615418223.164390,VS0,VE0
date
Wed, 10 Mar 2021 23:17:03 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
80
x-cache-hits
7404
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame D502 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d69e4613222d88125f9d23bd14c029de07a0fa7310bc6311ea4924b1fa7af2b6

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3001404
edge-cache-tag
434627008199126008315450987453179400199,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
3903
x-request-id
60667a78308bcb389b1e1ab9506e9dfb
x-served-by
cache-dca17764-DCA, cache-dca17757-DCA, cache-fra19176-FRA
last-modified
Fri, 15 Jan 2021 13:57:00 GMT
server
cloudinary
x-timer
S1615418226.815383,VS0,VE0
etag
"4a3a1259a925fafa233e79e3bc4ce2df"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
25a4eacb6ed68590bffbd3c2eb17a930.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D502 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25a4eacb6ed68590bffbd3c2eb17a930.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
58a40c31deb57f74ee51c955910e9e0325b468b52d242dfb3fe5d641d0f36e9a

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1215912
edge-cache-tag
415010131478755822490915829808796452486,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25a4eacb6ed68590bffbd3c2eb17a930.jpg
content-length
3960
x-request-id
776f032e8288824ac0da54cc00034b62
x-served-by
cache-dca17721-DCA, cache-dca17722-DCA, cache-fra19176-FRA
last-modified
Tue, 26 Jan 2021 06:38:28 GMT
server
cloudinary
x-timer
S1615418226.846396,VS0,VE0
etag
"71e37454647dc53998c64289ba14caa0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
TB1706-TB1705_old_man_double_pinching_next_to_head_mirrored_1000x600_1000x600_a29f8293f49720501d0621a5d2259a48.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/ Frame FE9C 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB1706-TB1705_old_man_double_pinching_next_to_head_mirrored_1000x600_1000x600_a29f8293f49720501d0621a5d2259a48.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d16e8888a931b83d89e1a975d8f527cece87f9e758780aedc7ae60d05924d249

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2364069
edge-cache-tag
511631088070914122391253968142815346703,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 15 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB1706-TB1705_old_man_double_pinching_next_to_head_mirrored_1000x600_1000x600_a29f8293f49720501d0621a5d2259a48.png
content-length
4278
x-served-by
cache-dca17770-DCA, cache-dca17763-DCA, cache-fra19176-FRA
last-modified
Fri, 15 Jan 2021 08:13:45 GMT
server
cloudinary
x-timer
S1615418226.846407,VS0,VE0
etag
"2d74867072fe8e7d4fe7be2f60abbc57"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
hh_podtac2_1000x600_e15049f73ef0734f3eb88202f68f0126.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame FE9C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/hh_podtac2_1000x600_e15049f73ef0734f3eb88202f68f0126.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
ad6bcfd6e4d748fdd2ddf2c1cf9fd6f857e1bff90f98f0e09bbdb628bea98df8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
135852
edge-cache-tag
587867291821358482271503955748269177300,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/hh_podtac2_1000x600_e15049f73ef0734f3eb88202f68f0126.png
content-length
2735
x-request-id
4cec68cf01e7c2fec32050851f86cd53
x-served-by
cache-dca17726-DCA, cache-dca17753-DCA, cache-fra19176-FRA
last-modified
Tue, 09 Mar 2021 06:23:12 GMT
server
cloudinary
x-timer
S1615418226.879061,VS0,VE0
etag
"85c96fc0d713d511aaed7a634c2fe3b5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame FE9C 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e03105e3b885f27053e6c98019e3215db12b131f95c2131d694659ea7fd9048e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1161020
edge-cache-tag
437979102097564947015754295813812764157,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 28 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length
9186
x-served-by
cache-dca17746-DCA, cache-dca17724-DCA, cache-fra19176-FRA
last-modified
Thu, 28 Jan 2021 20:39:04 GMT
server
cloudinary
x-timer
S1615418226.879041,VS0,VE0
etag
"7ea15fa5b13c2ba495cfdb0c02029081"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 3
6b070fdd90b9a7806db35a3349af4d34.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D502 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e03105e3b885f27053e6c98019e3215db12b131f95c2131d694659ea7fd9048e

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1161020
edge-cache-tag
437979102097564947015754295813812764157,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 28 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b070fdd90b9a7806db35a3349af4d34.jpg
content-length
9186
x-served-by
cache-dca17746-DCA, cache-dca17724-DCA, cache-fra19176-FRA
last-modified
Thu, 28 Jan 2021 20:39:04 GMT
server
cloudinary
x-timer
S1615418226.911575,VS0,VE0
etag
"7ea15fa5b13c2ba495cfdb0c02029081"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 4
log_event
www.youtube.com/youtubei/v1/ Frame C449 		28 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/4gEeW7D-q48?rel=0&hd=1&autoplay=0&wmode=opaque
X-YouTube-Client-Version
1.20210307.0.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgs5UEtPc0NnNWlEdyjjpqWCBg%3D%3D
X-YouTube-Ad-Signals
dt=1615418212745&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C323%2C183&vis=1&wgl=true&ca_type=image&bid=ANyPxKpezZqOOlCSqgdO8DvIvc3oknsKtSCGU6bHE9QdmnFugto4rV7pRr1UKyIctHPyv-P-T4pbdKiGlk56oLh2fZJMmk1bWQ

Response headers

date
Wed, 10 Mar 2021 23:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:17:03 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 1E92 		28 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/9F-ijnSdWwE?rel=0&hd=1&autoplay=0&wmode=opaque
X-YouTube-Client-Version
1.20210307.0.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgszX1Azd01aOE1GZyjjpqWCBg%3D%3D
X-YouTube-Ad-Signals
dt=1615418212860&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1001%2C565&vis=1&wgl=true&ca_type=image&bid=ANyPxKqp68vSsMWTqjPN-7o1mfNq5wyZ-0OoryfK1t8wQHdDrwM1kbd1ku3jAvQUezA3RCyJIEFvCmIOJOtTSDDhkzY7anhJfA

Response headers

date
Wed, 10 Mar 2021 23:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:17:03 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 7CAD 		28 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/d91669a4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Y0MFQiVVmH4?rel=0&hd=1&autoplay=0&wmode=opaque
X-YouTube-Client-Version
1.20210307.0.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtGZkZ6THFjMGVIZyjjpqWCBg%3D%3D
X-YouTube-Ad-Signals
dt=1615418212884&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C323%2C183&vis=1&wgl=true&ca_type=image&bid=ANyPxKqx82BVwpYOgWAlzv_LFmxEtlARymlYjF-eh_IeRjx_L6P6cGPHBfGra_7wenuYxUsypk2W4nX1ZRX8MRx3DnAlT-LPLw

Response headers

date
Wed, 10 Mar 2021 23:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:17:03 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 1ACC 		28 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/34a43f74/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/rxgNYXR3a94?rel=0&hd=1&autoplay=0&wmode=opaque
X-YouTube-Client-Version
1.20210307.0.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtieGZDM2I2X0l0ZyjjpqWCBg%3D%3D
X-YouTube-Ad-Signals
dt=1615418212709&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C323%2C183&vis=1&wgl=true&ca_type=image&bid=ANyPxKqb-SBthx9uQDj94xghJy-uY0OWc2f9bi1d28B7BNVixIOKnB2WxvwqVWNut_u25kpR9F_k1CUT4vqba9IH6GNaywgjSQ

Response headers

date
Wed, 10 Mar 2021 23:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:17:03 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9C22 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:03 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		254 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11958
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1615418225.881751,VS0,VE0
date
Wed, 10 Mar 2021 23:17:04 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
80
x-cache-hits
7406
c41b656a3431046af8b811fce36d69ef.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c41b656a3431046af8b811fce36d69ef.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
afb455316e1d36d77c969767054da495eb62e07ca3aa9c294cbca4d884b5783d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
231880
edge-cache-tag
585055093914182757257663711956121478192,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c41b656a3431046af8b811fce36d69ef.jpg
content-length
8240
x-request-id
40c296a8b03d848a7ba1ea42f08ab9a5
x-served-by
cache-dca17747-DCA, cache-dca17724-DCA, cache-fra19176-FRA
last-modified
Sun, 07 Mar 2021 23:11:44 GMT
server
cloudinary
x-timer
S1615418226.911492,VS0,VE0
etag
"c168d6b0bff1cd830d3a3b17e72f2b16"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
les-photos-de-vacances-sexy-de-vos-animatrices-tele-preferees-tatiana-silva.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//voi.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Ea... Frame D06E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//voi.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2FVOI.2F2019.2F09.2F20.2Fda2ab17c-139a-4598-8461-0a19634ff3fb.2Ejpeg/620x414/quality/65/les-photos-de-vacances-sexy-de-vos-animatrices-tele-preferees-tatiana-silva.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
55d49225938521783c199e55a742fc0e8f89da430747bf1e2700154648915251

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
505208
edge-cache-tag
560484133364502194926710232792006819167,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 19 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//voi.img.pmdstatic.net/fit/http.3A.2F.2Fprd2-bone-image.2Es3-website-eu-west-1.2Eamazonaws.2Ecom.2FVOI.2F2019.2F09.2F20.2Fda2ab17c-139a-4598-8461-0a19634ff3fb.2Ejpeg/620x414/quality/65/les-photos-de-vacances-sexy-de-vos-animatrices-tele-preferees-tatiana-silva.jpg
content-length
4614
x-served-by
cache-dca17767-DCA, cache-dca17742-DCA, cache-fra19176-FRA
last-modified
Tue, 16 Feb 2021 01:28:23 GMT
server
cloudinary
x-timer
S1615418226.943426,VS0,VE0
etag
"0a335f55130d37ff0790ccf585b125d3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
507f3c56fff823e1105d7634cf1bed4e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/507f3c56fff823e1105d7634cf1bed4e.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
0524f274d66315c3d31a90235b2948d4876c10582443d1b0ee01ccbeecc6b3d4

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
36128
edge-cache-tag
553778773050484444481670429977366857170,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/507f3c56fff823e1105d7634cf1bed4e.jpg
content-length
3880
x-request-id
3212df5081d5a90249f4becf5434562f
x-served-by
cache-dca17759-DCA, cache-dca17773-DCA, cache-fra19176-FRA
last-modified
Fri, 05 Mar 2021 11:27:35 GMT
server
cloudinary
x-timer
S1615418226.943745,VS0,VE0
etag
"63c0fbabf0ddb1b40fdbe81cd8c3d020"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
e3d81d6fe1c05d99ade799a0de52b03e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3d81d6fe1c05d99ade799a0de52b03e.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
04ef6f69df2865ee7903dfb0a1f1bb977028ba3d825e785af8fa4134a320eab0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
341890
edge-cache-tag
352802890765880297422630733855355953261,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 12 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3d81d6fe1c05d99ade799a0de52b03e.jpg
content-length
3795
x-served-by
cache-dca17777-DCA, cache-dca12920-DCA, cache-fra19176-FRA
last-modified
Tue, 09 Feb 2021 11:45:54 GMT
server
cloudinary
x-timer
S1615418226.976086,VS0,VE0
etag
"a2db4b33631ba3814080d005e7650798"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
5de684c4835734207dd605cc0d4b8d85.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5de684c4835734207dd605cc0d4b8d85.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c4ebbe6b28dd61ca389f7a99a6c1d4f3134ebfe2f2211fa39d26776e00bed713

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
384069
edge-cache-tag
468273360552253466671268636801390219445,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Thu, 01 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5de684c4835734207dd605cc0d4b8d85.jpg
content-length
5623
x-served-by
cache-dca17721-DCA, cache-dca17767-DCA, cache-fra19176-FRA
last-modified
Mon, 01 Mar 2021 19:56:34 GMT
server
cloudinary
x-timer
S1615418226.976078,VS0,VE0
etag
"8c77a9239c628a30f3e58c27a0f1e3a5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
st
imprammp.taboola.com/ Frame 762B 		0
115 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=7FBA767CF34048628021768342388&cicmp=1337627&cijs=1&dast=V7TfACFgOyt4Gs0v0yrQSyt4Gs0v0yrQUAAAAGBugHHTejMHiz3YbGGQ1Gw9lkOFgsBpPNZrJbLAZTMNjC53R3tyEDTafD57rX636_u8Rvenj-prvSbvP75QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAZDEQTEPp930Vjssp6fdLfIJXZaX5x8AAA8FIAAAAhgkAAKJhSUADneLJwAAAAd1Mk_bLP____8xAHnvTTIAFGkbNwY9AA8-AA9CAAAAF0Pu9ywdYCBBNEQFlUWMAAAAALIVnxmPJnVCZVH1____bwVwBQAQgOfRVj6SdXNSzBoGAAAAMLZAD4vfb3bYNX63y_7_________zf7PANCEaEav04BwR6_VeEauFdZ-AQEA2N4NAOBNAC7mAOwAAAAA7v7____zAAAACPYo2V6r8exR1vsMtvA53d31m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkwuZ8uRbbday0yb4Vo0sYzcyuFk5lbNPKORyzXb7RaGtej1Mf1Gk5FxZfHjgyx2c8VmOJcMdnPFaLBKAAAAAAAAAABLmDJvAgAAAHAaxGw22e1W3HizZ4JYq9WyBgAAAODWjRw!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cipid=7991117&ttype=0&cirid=7FBA767CF34048628021768342388&cicmp=1337627&cijs=1&dast=V7TfACFgOyt4Gs0v0yrQSyt4Gs0v0yrQUAAAAGBugHHTejMHiz3YbGGQ1Gw9lkOFgsBpPNZrJbLAZTMNjC53R3tyEDTafD57rX636_u8Rvenj-prvSbvP75QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAZDEQTEPp930Vjssp6fdLfIJXZaX5x8AAA8FIAAAAhgkAAKJhSUADneLJwAAAAd1Mk_bLP____8xAHnvTTIAFGkbNwY9AA8-AA9CAAAAF0Pu9ywdYCBBNEQFlUWMAAAAALIVnxmPJnVCZVH1____bwVwBQAQgOfRVj6SdXNSzBoGAAAAMLZAD4vfb3bYNX63y_7_________zf7PANCEaEav04BwR6_VeEauFdZ-AQEA2N4NAOBNAC7mAOwAAAAA7v7____zAAAACPYo2V6r8exR1vsMtvA53d31m7DFaDWZbJbD2XIxGQxHw9FofwK4HOBEDJbLyWQx2a1Gq9FmuBvNBgsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIkwuZ8uRbbday0yb4Vo0sYzcyuFk5lbNPKORyzXb7RaGtej1Mf1Gk5FxZfHjgyx2c8VmOJcMdnPFaLBKAAAAAAAAAABLmDJvAgAAAHAaxGw22e1W3HizZ4JYq9WyBgAAAODWjRw!&excid=22&tst=1&docw=0&cs=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=9969d675-f438-4b2d-982f-5f34de5677a0-tuct742d8eb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish
x-served-by
cache-fra19176-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1615418226.657490,VS0,VE19
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/28_3_10/infra/ 		727 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:06 GMT
via
1.1 varnish
age
602538
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697428
x-amz-meta-mode
33188
content-encoding
br
content-length
135037
x-amz-id-2
S90Olu4lpjCC88m3Qfw5BOBZ4QYaPIEiVd3CQgy0dvpD7uNxvAzlCV0SWdtUM3hkChTvWS7nPF0=
x-served-by
cache-hhn11542-HHN
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:50 GMT
server
AmazonS3-br
x-timer
S1615418226.009237,VS0,VE0
etag
"37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
34730A796F44BF63
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
67884
cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/ 		44 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:05 GMT
via
1.1 varnish
age
1941384
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697397
x-amz-meta-mode
33188
content-encoding
br
content-length
6493
x-amz-id-2
FxkOFmdqkrJXpfDrUHL5nkx7VCyVkczzOwoW4y3ViAzV9m6BCX+o+KGX/PTYgjQt6iQlI+PJ2fI=
x-served-by
cache-hhn11542-HHN
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:19 GMT
server
AmazonS3-br
x-timer
S1615418226.660455,VS0,VE0
etag
"083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
A9AF261ECA31B798
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
356516
23cee3c8f24e3dd38458d96be6b69da6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23cee3c8f24e3dd38458d96be6b69da6.jpg
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1c0aca0dc9ccf96e2bd24487fbb0d46d79cde33ca8b6503cd3abbbe6f9a37aa8

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
396185
edge-cache-tag
445538431394916110028708307389928599430,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 12 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23cee3c8f24e3dd38458d96be6b69da6.jpg
content-length
4196
x-served-by
cache-dca17783-DCA, cache-dca17755-DCA, cache-fra19176-FRA
last-modified
Tue, 09 Feb 2021 10:53:08 GMT
server
cloudinary
x-timer
S1615418226.007774,VS0,VE0
etag
"5121016544bd5555cac5a8a7ac6be3fa"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
PMS.js
vidstat.taboola.com/PMS/2.2.1/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:06 GMT
via
1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront), 1.1 varnish
age
2114986
x-amz-meta-mtime
1542789750
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-hhn11542-HHN
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1615418226.127333,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
mgdkqzBw1GOTaYomORTPdr_tmhZGYZUuQQ4kYCsx2OfRHmOT3d-7qg==
x-cache-hits
531844
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:06 GMT
via
1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront), 1.1 varnish
age
69584
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn11542-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1615418226.183434,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
duXZV0i4ZSVC1-tAr6cZHFunN-GB24YQyZTOQIqiUhVHBP_fxBkvMQ==
x-cache-hits
5983
c41b656a3431046af8b811fce36d69ef.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		0
0
c41b656a3431046af8b811fce36d69ef.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D06E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c41b656a3431046af8b811fce36d69ef.jpg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
afb455316e1d36d77c969767054da495eb62e07ca3aa9c294cbca4d884b5783d

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 10 Mar 2021 23:17:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
231880
edge-cache-tag
585055093914182757257663711956121478192,521082122111656791893804920795633740693,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c41b656a3431046af8b811fce36d69ef.jpg
content-length
8240
x-request-id
40c296a8b03d848a7ba1ea42f08ab9a5
x-served-by
cache-dca17747-DCA, cache-dca17724-DCA, cache-fra19176-FRA
last-modified
Sun, 07 Mar 2021 23:11:44 GMT
server
cloudinary
x-timer
S1615418226.191063,VS0,VE0
etag
"c168d6b0bff1cd830d3a3b17e72f2b16"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
qetmthalovtpuz2y16gx.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1615161756/ Frame D06E 		472 KB
473 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1615161756/qetmthalovtpuz2y16gx.mp4
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a83f90cad255c8eb75a7d45120d3fdcf59da46afddac97813475b1cb016e6d31

Request headers

Referer
https://www.botasot.info/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Mn3whz_OySU_WzKx.NNDA1ztZyMqkNY.
via
1.1 varnish
etag
"09f9a4c174a03747b2db665e5d566232"
age
81
x-cache
HIT
Content-Range
bytes 0-483619/483620
x-amz-replication-status
COMPLETED
Content-Length
483620
x-amz-id-2
kDZCDvK7QLNmmzjIzXPlwd4t7HaoCwfjiQn+ltDoxY3BQDvsgnOrYhJXKZxQvGZ7IQIQR1nDn7c=
x-served-by
cache-hhn11542-HHN
last-modified
Mon, 08 Mar 2021 00:02:43 GMT
server
AmazonS3
x-timer
S1615418226.198548,VS0,VE1
date
Wed, 10 Mar 2021 23:17:06 GMT
x-amz-request-id
2R88XBFPJ11SEF1F
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
61
x-cache-hits
0
events
bidder.criteo.com/csm/ 		0
146 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.botasot.info
date
Wed, 10 Mar 2021 23:17:08 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
perf
trc-events.taboola.com/botasot160x600gr-r17261820/log/3/ Frame 90B2 		0
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/botasot160x600gr-r17261820/log/3/perf?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210309-9-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:10 GMT
server
nginx
x-fastly-to-nlb-rtt
19217
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.40.0.134:10213
prebid
ib.adnxs.com/ut/v3/ Frame 8E1D 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2a811ebfb7470c3038381b86ebec8c2a309532619dd6c3b86154abd9da5cdf60
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Mar 2021 23:17:15 GMT
X-Proxy-Origin
217.138.207.140; 217.138.207.140; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid
54d289ce-6ce5-4931-ac8c-0a1e49aab7f6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.botasot.info
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 8E1D 		0
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.22&cb=5781021559
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.botasot.info
date
Wed, 10 Mar 2021 23:17:15 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
hb
ice.360yield.com/ Frame 8E1D 		99 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2238c0cf50c8ca50c%22%2C%22version%22%3A%226.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.botasot.info%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22377f9762a557e3a%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22344175%2C%22tid%22%3A%2236db3d4847e0bff%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.249.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a1e06ab8aa0fdb961061f76d106b29673d7d2c93c105bf331822fa5871d3e3cc

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.botasot.info
date
Wed, 10 Mar 2021 23:17:15 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
99
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
auction
rtb.adxpremium.services/openrtb2/ Frame 8E1D 		303 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c4bd1069b9dd3463e58e5bd22c76470cdc63d75ac59ec2a1fe2e28dccbc57f

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 23:17:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c00733f700006467e090b000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KMHLauSU6E2mFJXqGsS8UdSpkn0T0oWIPC1LWrArjOpU8wSxcjhyQMT%2F9ZISSwOdCobF5mo7OpVK2TyNS0kX4QfCrLjYdEdhGY6VFf3s6D6wrW7pVp4XxGZCaimqmynbl4z2UA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/json
access-control-allow-origin
https://www.botasot.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
62e041665db76467-FRA
expires
0
arj
adtelligent-d.openx.net/w/1.0/ Frame 8E1D 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.botasot.info&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=47c1e6f205ca10a&nocache=1615418235892&aus=300x250&divIds=vm-place&auid=541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
f87400ce19d4e8485bb53d3e677abdd7d0854de9c3181eb50cd6ce2d4bf73c11

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:15 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.botasot.info
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
161
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
ptrack
a.audrte.com/ Frame B37F 		380 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?p=M1353665098&artime=2021-03-10T23:17:16.336Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGYWRzLnVzLmUtcGxhbm5pbmcubmV0JTJGZ2V0dWlkJTJGMSUyRjVhMWFkNzFkMmQ1M2EwZjUlM0ZodHRwcyUzQSUyRiUyRnJ0Yi5hZHhwcmVtaXVtLnNlcnZpY2VzJTJGc2V0dWlkJTNGYmlkZGVyJTNEZXBsYW5uaW5nJTI2Z2RwciUzRDElMjZnZHByX2NvbnNlbnQlM0QlMjZ1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=dXNlci1zeW5jLmFkeHByZW1pdW0uc2VydmljZXMv
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c7d4883b10c477d742bfa11d45821cebdbcd089268852696bff38e33069f36eb

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:16 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
268
usync.html
eus.rubiconproject.com/ Frame 2CC0 		291 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Mar 2021 23:17:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 2CC0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20006
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9309
Expires
Thu, 11 Mar 2021 04:50:42 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2CC0 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
cookie
cm.adform.net/ Frame A9DE 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://user-sync.adxpremium.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:17:16 GMT
server
nginx
content-length
43
content-type
image/gif
p
a.audrte.com/ Frame B37F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=null&google_tc=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=null&google_gid=CAESEPk6BZBebJVzLOuP222uIl0&google_cver=1
  • https://a.audrte.com/p
68 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:17 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 10 Mar 2021 23:17:16 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame B37F
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=null
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=null
  • https://a.audrte.com/a?adform_uid=8579590713389664277
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&google_gid=CAESEPk6BZBebJVzLOuP222uIl0&google_cver=1
  • https://ps.eyeota.net/match?bid=kh51m51&uid=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:17 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Wed, 10 Mar 2021 23:17:17 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame B37F 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=null
Requested by
Host: www.botasot.info
URL: https://www.botasot.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 23:17:17 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
multitracking
ghb.adtelligent.com/adunit/ Frame 8E1D 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:17:16 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
pd
eu-u.openx.net/w/1.0/ Frame C45C
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
668 B
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
357a0253bcebdaa14f18481a441cfc017775624caaf1c87d201da6af11800189

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=dbff1b69-e2d3-0e6a-1d11-a0a6311cc5b6|1615418240
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=dbff1b69-e2d3-0e6a-1d11-a0a6311cc5b6|1615418240; Version=1; Expires=Thu, 10-Mar-2022 23:17:21 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1615418241|gekin0vNiygu; Version=1; Expires=Thu, 25-Mar-2021 23:17:21 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 10 Mar 2021 23:17:21 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=dbff1b69-e2d3-0e6a-1d11-a0a6311cc5b6|1615418240; Version=1; Expires=Thu, 10-Mar-2022 23:17:20 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.202.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
date
Wed, 10 Mar 2021 23:17:20 GMT
content-length
0
via
1.1 google
alt-svc
clear
sd
eu-u.openx.net/w/1.0/ Frame C45C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=efe86049-5381-4300-ac57-e6befbfa6835
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=efe86049-5381-4300-ac57-e6befbfa6835
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:21 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 10 Mar 2021 23:18:15 GMT
Server
MT3 3611 f10363c master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=efe86049-5381-4300-ac57-e6befbfa6835
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Mar 2021 23:18:14 GMT
sd
us-u.openx.net/w/1.0/ Frame C45C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YoxOjWGPQoV5jBvXZIpXhmaETNJ53UqMZ92Uoupq
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YoxOjWGPQoV5jBvXZIpXhmaETNJ53UqMZ92Uoupq
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:21 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YoxOjWGPQoV5jBvXZIpXhmaETNJ53UqMZ92Uoupq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C45C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5541452396091844729
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5541452396091844729
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:21 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:21 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5541452396091844729
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame C45C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=08532430-4b54-319d-47c7-684e553bf64b&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.114.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-114-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C45C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjQzY2Y3ZmEtODIyMy02ZjM5LTUyMjctMzJmNzlmZDkzODJi
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjQzY2Y3ZmEtODIyMy02ZjM5LTUyMjctMzJmNzlmZDkzODJi&google_tc=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjQzY2Y3ZmEtODIyMy02ZjM5LTUyMjctMzJmNzlmZDkzODJi&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjQzY2Y3ZmEtODIyMy02ZjM5LTUyMjctMzJmNzlmZDkzODJi&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C45C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0zucr_bRKCiQxlILbHZHI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0zucr_bRKCiQxlILbHZHI&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:21 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:17:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC0zucr_bRKCiQxlILbHZHI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame E5C1 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.botasot.info
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.botasot.info
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.botasot.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.botasot.info/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1520
date
Wed, 10 Mar 2021 23:17:21 GMT
content-length
0
multitracking
ghb.adtelligent.com/adunit/ Frame 8E1D 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidmg/q448727/botasot.info.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.botasot.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.botasot.info
Date
Wed, 10 Mar 2021 23:17:21 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/c/12/103/2/8.gif?puid=a101a96ac30e6ccc07d72de7573a5494&gdpr=1&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/12/106/1/9.gif?puid=05fa2204023af04687f3b962&gdpr=1&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/12/106/1/9.gif?puid=05fa220402a3c4e17b1f6af4&gdpr=1&gdpr_consent=
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F163%2F0%2F10.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D1%26gdpr_consent%3D
Domain
id5-sync.com
URL
https://id5-sync.com/c/12/106/1/9.gif?puid=05fa22040269b45562265fa5&gdpr=1&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/12/106/1/9.gif?puid=05fa220402754b9eb2ab1769&gdpr=1&gdpr_consent=
Domain
p.oftads360.com
URL
https://p.oftads360.com/prebidmg/118696/j.html?i=8208
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.22&cb=23311050423
Domain
ice.360yield.com
URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2212e9dc5f2a30d81%22%2C%22version%22%3A%226.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.botasot.info%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221188e3d80cf9b1%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22344175%2C%22tid%22%3A%2210f427d56a648c4%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Domain
adtelligent-d.openx.net
URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.botasot.info&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=2169be3dd7e8cf5&nocache=1615418213881&aus=300x250&divIds=vm-place&auid=541177132
Domain
images.taboola.com
URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c41b656a3431046af8b811fce36d69ef.jpg

Verdicts & Comments Add Verdict or Comment

334 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| countryCode object| allowedCountries boolean| __isMobile object| _gaq object| _atrk_opts function| __tcfapi function| __uspapi object| gjdmpInitializer object| gjdmp object| bisko object| Criteo function| $ function| jQuery object| criteo_pubtag object| criteo_pubtag_105 object| Criteo_105 object| TWAGORAINARTICLE object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync string| m3_u number| m3_r object| FB object| _gat object| gaGlobal string| OX_0ca3bf51 function| P function| iFrameResize object| ProjectAgora object| validRules boolean| check number| max_priority object| x object| formats number| len number| temp number| selected_id function| atrk boolean| _atrk_fired object| regeneratorRuntime function| __tcfapiui object| projectAgoraPbjs object| div object| ins object| script string| OX_ecd9553b function| projectAgoraPbjsChunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO function| confiantWrap number| themoneytizer_async object| geo object| node object| eucountries object| sas object| generic function| criteoCallback function| whenFormatFctDefined function| whenDefined object| criteo_gum object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| target object| notifyme object| ix_lib object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26323 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| loadScriptTemelio function| isEmpty function| GetRichAudienceZone function| GetAdmixerZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText number| nugg object| _qevents boolean| moneycaching object| params function| Adcall_26323 function| MobileDetect object| md function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| OX_58aeb48e object| tag object| firstScriptTag object| player function| onYouTubeIframeAPIReady function| onPlayerReady boolean| done function| onPlayerStateChange function| stopVideo object| _wau object| html5 object| Modernizr function| yepnope object| classie object| jQuery111308598449534595796 object| lightbox object| lazyLoadOptions undefined| script1 undefined| mycontent object| _taboola object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady string| scriptUrl object| YT object| YTConfig function| onYTReady function| tmzrChunk object| invibes object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_26328 object| pubstack_publica number| bidder_geo object| _clrm object| headertag boolean| mgCanLoad1079095 boolean| mgFallback1079095 boolean| mgShortWidget1079095 boolean| mgUseConvertedCode1079095 string| mgRootId1079095 object| div1079095 string| rootDiv1079095 string| mgPreloadId1079095 object| _mgIntExchangeNews object| MarketGidInfC1079095 function| MarketGidCContextBlock1079095 function| MarketGidCMainBlock1079095 function| MarketGidCAdvertLinkBlock1079095 function| MarketGidCInternalExchangeBlock1079095 function| MarketGidCColorBlock1079095 function| MarketGidCUtilsBlock1079095 function| MarketGidCMonitorBlock1079095 function| MarketGidCRejectBlock1079095 function| MarketGidCCriteoBlock1079095 function| MarketGidCAmpRenderBlock1079095 function| MarketGidCInternalExchangeLoggerBlock1079095 function| MarketGidCObserverBlock1079095 function| MarketGidCSspDoubleClickBlock1079095 function| MarketGidCSendDimensionsBlock1079095 function| MarketGidCAntifraudBlock1079095 function| MarketGidCAntifraudStatisticsBlock1079095 function| MarketGidCRtbBlock1079095 function| MarketGidCDiscountBlock1079095 function| MarketGidCActivateDelayBlock1079095 function| MarketGidCIframeSizeChangerBlock1079095 function| MarketGidCAccidentalClicksBlock1079095 function| MarketGidCExternalCountersBlock1079095 function| MarketGidCYandexTurboBlock1079095 function| MarketGidCContentPreviewBlock1079095 function| MarketGidCCountersBlock1079095 function| MarketGidCGradientBlock1079095 object| onClickExcludes function| mgReject1079095 function| mgLoadAds1079095_12232 function| MarketGidCReject1079095 function| MarketGidLoadGoods1079095_12232 function| AdskeeperCReject1079095 function| AdskeeperLoadGoods1079095_12232 function| LentaInformCReject1079095 function| LentaInformLoadGoods1079095_12232 function| IdealMediaCReject1079095 function| IdealMediaLoadGoods1079095_12232 boolean| mg_loaded_176604_1079095 object| libJsLeadPlace function| _extends function| _typeof object| lazyLoadInstance function| LazyLoad object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey boolean| _mgPageView176604 string| _mgCanonicalUri object| _mgq function| _mgqp number| _mgqt number| _mgqi string| x1 string| x2 function| LoadCriteoAllPlaces1079095_12232 boolean| i.js.loaded boolean| i-noref.js.loaded object| TRC number| taboola_view_id object| cmTag undefined| define function| startCMTagMain undefined| bid undefined| vastUrl object| targetingParams function| arrive function| unbindArrive function| leave function| unbindLeave

2 Cookies

Domain/Path Name / Value
.openx.net/ Name: pd
Value: v2|1615418241|gekin0vNiygu
.openx.net/ Name: i
Value: dbff1b69-e2d3-0e6a-1d11-a0a6311cc5b6|1615418240

9 Console Messages

Source Level URL
Text
console-api error URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api debug URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.mgid.com/b/o/botasot.info.1079095.js(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.mgid.com/b/o/botasot.info.283092.js?t=12121023(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.mgid.com/b/o/botasot.info.94395.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=null|https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=null|https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=l04ql90vWHzQV-aI9sCFx3Jaw&gdpr=0&gdpr_consent=null"}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.admitad.com
ad.turn.com
ads.avct.cloud
ads.botasot.info
ads.creative-serving.com
ads.playground.xyz
ads.programattik.com
ads.projectagoraservices.com
ads.pubmatic.com
ads.themoneytizer.com
ads.us.e-planning.net
ads59.adtelligent.com
adtelligent-d.openx.net
adtrack.adleadevent.com
aghtag.tech
ajax.googleapis.com
ams.creativecdn.com
api.rlcdn.com
as-sec.casalemedia.com
aud.pubmatic.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bidswitch-eu.splicky.com
bn01.er.bemail.it
boot.pbstck.com
bttrack.com
c.mgid.com
c1.adform.net
c3.taboola.com
cdn.admitad-connect.com
cdn.connectad.io
cdn.jsdelivr.net
cdn.mgid.com
cdn.pbstck.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
ced-ns.sascdn.com
certify.alexametrics.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.analytics.yahoo.com
connect.facebook.net
creativecdn.com
d.agkn.com
d2zur9cc2gf1tx.cloudfront.net
d31qbv1cthcecs.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.rtbsrv.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsp3.adtelligent.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
ghb.adtcontent.com
ghb.adtelligent.com
ghb1.adtelligent.com
gjstatic.blob.core.windows.net
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
i.liadm.com
i.ytimg.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
js-sec.indexww.com
jsc.mgid.com
loadeu.exelator.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
ml314.com
mp.4dex.io
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
p.cpx.to
p.crm4d.com
p.oftads360.com
pahtag.tech
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
player.adtelligent.com
pm.w55c.net
pool.grid-data.bidswitch.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prod.perf-serving.com
projectagora.net
ps.eyeota.net
pubmatic-match.dotomi.com
px.owneriq.net
quantcast.mgr.consensu.org
rtb-csync.smartadserver.com
rtb-usw.mfadsrvr.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
rumcdn.geoedge.be
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.c.appier.net
s.cpx.to
s.e-planning.net
s.seedtag.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-eu.connectad.io
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.smartadserver.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tag.leadplace.fr
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc-events.taboola.com
trc.taboola.com
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
user-sync.adxpremium.services
usermatch.krxd.net
vidstat.taboola.com
visitor.fiftyt.com
waust.at
whos.amung.us
ww1097.smartadserver.com
www.botasot.info
www.facebook.com
www.google.com
www.google.de
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
adtelligent-d.openx.net
bidder.criteo.com
ice.360yield.com
id5-sync.com
images.taboola.com
p.oftads360.com
pm.w55c.net
104.108.41.56
104.108.50.124
104.16.199.73
104.19.135.78
104.19.136.78
104.19.216.61
108.128.254.60
13.225.84.15
13.226.159.106
13.79.176.48
139.162.117.143
141.226.224.32
141.226.228.48
142.250.185.66
145.239.192.166
145.239.193.145
151.1.205.165
151.101.114.49
151.101.13.44
151.139.241.23
159.253.128.188
159.65.196.12
159.69.64.14
168.119.127.61
173.231.181.122
174.137.133.49
176.34.121.94
178.162.133.149
178.250.0.165
178.250.2.151
18.156.0.31
18.157.138.23
18.158.174.89
18.185.0.221
18.185.197.81
18.195.130.212
18.195.155.181
185.183.112.155
185.184.8.30
185.29.135.233
185.33.220.145
185.33.220.244
185.64.189.110
185.64.189.114
185.64.190.106
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.113
185.86.139.89
192.132.33.46
198.148.27.139
199.232.137.44
2001:678:cb4:bbbb::11
212.224.118.36
212.82.100.182
213.155.156.180
213.174.135.2
213.19.147.150
213.19.147.151
216.52.2.30
217.156.250.128
23.210.249.113
23.218.208.187
23.218.208.200
23.218.208.246
23.79.143.124
2600:1f18:444a:4602:fff0:3de7:a67e:fe5f
2600:9000:2127:8400:9:46dc:4700:93a1
2600:9000:2127:8600:4:b37b:9440:93a1
2600:9000:2182:de00:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:37ce
2606:4700:10::6816:5d
2606:4700:20::681a:407
2606:4700:20::ac43:462b
2606:4700:20::ac43:47f1
2606:4700:3030::6815:1b4
2606:4700:3032::ac43:ca88
2606:4700:3033::ac43:dcda
2606:4700:3035::6815:2f1c
2606:4700:3037::ac43:d48b
2606:4700::6810:ef3
2606:4700::6812:d05
2606:4700:e0::ac40:6208
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:802::2004
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c1b::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:ba12
2a02:26f0:6c00::210:ba29
2a02:fa8:8806:12::1400
2a02:fa8:8806:16::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
2a05:d018:24:b001:cff3:ca6f:14e6:5ad7
2a0c:5c81:5101::2
2a0c:5c81:5142::2
2a0c:5c81:5160::2
3.121.79.35
3.122.214.165
3.123.210.158
3.127.166.11
34.120.133.55
34.240.2.137
34.247.104.176
34.96.106.9
34.98.107.212
34.98.67.61
35.157.249.55
35.186.253.211
35.201.81.244
35.201.96.126
35.210.215.44
35.212.212.222
35.227.247.230
35.227.248.159
35.244.159.8
35.244.174.68
37.157.2.236
37.157.3.29
37.157.6.241
46.249.52.248
46.249.52.249
5.178.65.253
51.89.21.31
51.89.9.254
52.0.135.151
52.210.253.186
52.31.77.198
52.4.128.233
52.46.130.13
52.49.114.167
52.51.160.138
52.56.207.211
52.59.102.119
52.95.124.170
54.194.13.58
54.208.157.219
54.37.44.146
54.72.19.40
54.78.254.47
54.85.167.1
62.149.0.72
63.34.130.174
65.9.96.19
66.155.71.149
66.155.71.25
67.202.94.94
69.173.144.138
69.173.144.165
77.243.60.138
85.114.159.93
87.98.252.5
88.221.62.154
89.163.159.108
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0298a25db873588e37945ece2b90e9f573dda86bfc84ae9f3efb8c3fbdcbce84
04ef6f69df2865ee7903dfb0a1f1bb977028ba3d825e785af8fa4134a320eab0
0524f274d66315c3d31a90235b2948d4876c10582443d1b0ee01ccbeecc6b3d4
0566aef81cb147afc12499af01c1d2ddc551b85a836f9beb8046ba61d6a4479d
0682578b3515e099197d585c16c6860f059c496b34525ba075925027d1d61dfe
07a0aa40c94afcdf079407c1384aa45d6229314afe11149306492ee90ea36b95
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d7462bf7920653ebef7ac1315a674ccfd189322b81e011934ff3c67ecfe6e1c
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10bb9f6536e7477fcb05163e3a6b032a668d45e54f8cd8a7f5023015a7852124
11f4096e122142fb8434561a854fc08160ca77b0f1a578fd45113344fe40b79d
1272fec548bf374a77e52acbb5a9716ae823f7dffcb81cd6baf2acbcdbbed7da
13980a32f2e750758427b9bcd160f7753dccafc27d62a3b502b4518903f839ed
153232d7a63e1f452827ba72a1fddd4b964a322ae067c29301c4cede21f0d043
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
1764a82180924aaadac3765a627e47f63b83b87f8e3bdb9a040c159527b6e017
17c7db1ce8195c6b484a4ef6f8897799a352373cbb6fbb4909e03a0115a57ba7
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1b83f5fd9991bf6c2f06a891c98e29bc2d288f1ffcb446e9000c6ed0e5bd7404
1c0aca0dc9ccf96e2bd24487fbb0d46d79cde33ca8b6503cd3abbbe6f9a37aa8
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1d426e2629ad75fbd036233b61bacda28be5f3567ada506a8704b08e0d0fdb4a
1d548aec1182959f65cc03c41d9a16d1559713b4cbe19251b7e666aded0c24ff
1d9a2f4153993aa7399a97b268adefd70e34c943e670f26394e88ef45e6b9e00
1f5c32cf5266d345f49cb96a07afbd099d2814a540d7bfcff3c641cd8b0d7d8c
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
218f936f72f3ff310570bcbb1f7af84ba63d591da7a675f1a36cf481210d94bf
219debf4d0ace9615e622c1408e90b921fbce45af77014abe02d35d4b6f2ac9c
21a84680ef4ffc0ff47d04666ae2115eb53e329c8953428723769801cb90e385
220c489cbfc8f3cdcd8130e543fb3062048a3690942f676f69f6827e1bc287b1
2227599193b520d63eb990b76c4f05c59a80d0d497ec5cf659fab8c7ee7a1507
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d
2393698989d639d5e3f33868ffbd0c2469d4af8bb06ce51e928771d6f1ffcff6
239b64535117a219ab49ae6d00c106096db2c5ca5ff395c3271377b45ec0f0e7
23f89d277fc4268fd297170563e53c2ee1109e7beb9603b80eb30bc405879b67
24fe3ad971af59050eb81aa1bd8c1dae7e011f339e5d6edd0c9d189c6b06525f
25a923552c5f1d2513278b51856b92dfcc3d4b2a4c59582ce68adab5ae6c46ab
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
273a9b4657282328103262613bfa245689397a7d1883de593a26c1a24652b56d
2a811ebfb7470c3038381b86ebec8c2a309532619dd6c3b86154abd9da5cdf60
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3a118b06aa8d3d2250d7373110715acf2b4baccddab94f98cf34cb9fbe2ec0
2e860d8f28cd864858d89399ff7fe3badac2448245c8db4b196151417b5e3bc6
2f0fa364673cbba1c2fe13bf8f3483bc175757d0061ca20fd351dc3c1017a755
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301bb142036db876adfd7ed658d27d7e9921e71f325713f40786ba1cc0ba116f
31544b94955c836ce2145a4e9ec93d95775472568fee0f6c409a085cdec7fc93
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
325975aeda706a7bed4e52f7b520aa827bb0336a3289fb627a624e22a68c3cc3
3283b47498994013d6cf3e8ec0ddc30217d6a1fdadc4f99311a6dff0647abb68
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0
32e10dd179bf9b0810d8f41e01a8d66c114eeb546d7ca77302df1041d6aa15f8
35467d9b96ab8c40a79049a2f495a0ca5bdba43472cd8c59cee2f111ca6c7254
357a0253bcebdaa14f18481a441cfc017775624caaf1c87d201da6af11800189
3589a90389479a14daea0ab821b2e7702fcdeb15d7f1165867fe221b3b1e620e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3c1c5e41a5a4223171e7d8facaf90299cf4069228d5870b15d901f09ef8b3617
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6b4ae1b4a0567db278f891768b8f707e8832d3f0711dac4a22467d4b911653
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb68960e30e3c41098358c8ec722922bed6361ab8752d41a16a139daef27aa8
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
413d1019b37732044f169dfc84520226181ab3a63e324e1e630ee110ef76d27d
416ad5ca4d012266fa88ed4a3941d48cb2638e931a9634b4de9434abf2e7572e
44ce81d4948d8b8511354d7b6921946da055dc0ca99046388551af07dc68121e
46449766c61e4954b257b13bb18afc874fe84ef80c8f3f5f9e04a83d45f60dc3
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b37db983b2afed7778537cc96822d2b31e3b7f6fc8801bdb2c80b54a60da499
4b6679091b5ea4512385d6f4ebe09e43dd3e9b0bc93df257543b5a009b634d7f
4c264c6ad15eea3c8f8917e177acaba6855bc6eae109ac2acf2be2a515e9f50a
4ced9a035952a53cd86c6f07671da4ebaa97c8c63f32b8d0e2d49d8a2159c4d5
4d2f2b768dbcce1931e736b7c88e12621167d50c36151d8bb6a697dc8aea30b7
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f600b1db2ac23f7973100fae454508086ff2db74558b89428d64639c2b38e79
511cdd61289cf319534352bebef72dbbc72e26de252a86bdb7471f01f7e24f23
5183db3dd5ebd330a49f1f51ce3b69800775d193adc6699d76637b0bfeeef98a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5595963bca2af38bc8e44b3447f2fbe26d3d552b151e0d2cba04530609cf6676
55d49225938521783c199e55a742fc0e8f89da430747bf1e2700154648915251
560ca35f988f022a89cd9dfcf91b054aa6ba19c955c586c18b99955605fa2ba6
58a15b5b07dccbcbd1315ccc6021d94fca6280c4b8bc1d2c1dcf47b7a96cad58
58a40c31deb57f74ee51c955910e9e0325b468b52d242dfb3fe5d641d0f36e9a
5a5a184ca35df04733fd7c1121b0bba5e9b35d2564fb143fae525755dcf6c6da
5af0e9a1724a015590aef7e4400e45930d8c7d314d587e0732c5a60053be9953
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5b5539135143814703c866c2b8561b50641478c3996afafed0de64dc13eb67ff
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5df44de896d25576e570ac24051479b357cde2e4786c72fb7dad521ad2f531f4
5e71a50826f971e7f413fa835283e667b2974dfb57b02046c1f453f9b91f74d1
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
628da314d68f94d5703d448fca8b9b497e57c97cbb4a98bfbc0b190a4f61540f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f567184f55cbfdb53a8ff71c5c7be414dd76478abd0ee9460928be6b9e52c3
692596e11ca1bacbeb79236fc8a02044cdb21472bdc49342ad01e9edf18132f7
695dbeaa3a6fd6c7fdefcf9ce57960a11940640a621ed82e23e559ee0057903e
69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e
6a26a42f10a1e927f2440bbf5d1748e6361d661b79ba708adf7f7c5e94a4c405
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1e8b385e8757bee84070d43450b3bf322ec3235cc6c0825af6c72d906b6e62
6bbd8776f329aff7f2dbf1fa3e7d849bec5a0e96e66939810e9b9362292d1a98
6c649b4d842cdb6275335ebff6b2668e03f21fd1aaad4d550ea22b78ebe7549b
6e8c56ad0b89c4d18ca24c3f99cfc6db667001a8aedf38727e13839c640b2e91
7025d427e0a275e4217b38aa21de8bdcc643cfa966920124b631d3ffa484384d
70eb32f35222dc3e549f646158d244c9341feda31e7f9008db36db5be8a77eb5
736124086a13e14243b02c63914c3f874e0c19f3324f73cea6d23a4fba0e0d8e
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74675d52f118edeefb40f2818b7d4110077d232f20ac3d186849c36f4f0c6198
7490e5a0147240fe0200301364b0c0a0757ec345a4889d63bc03406002075b23
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876
758533be412e03c5283cfe06d6c8920eb2829b0184788e7b63624271c7df50d5
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
7743f6ae21df46ecc854e614b61ae5d699cdb322d4a25bf6c7173a6cb1729cd6
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
7e8158695e0e4cf90e8ee1ac3fd76572a677909d6969df84086026841e84b1fe
7f36de4455b10ca52ae3e585dc4cafd63851715da1ae3e4b2439f66ac045ebfd
7f4f066ce39090186721f11f9a16e21a70ff3804537e3b018f36af4dc0304ead
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
813dc8564f01d90d722ecd79acfae7d2ada529fba8abb8011eaa5924481f5f59
817693901c8347367c0ad9ce22453b8a9258ce010c1ec29e140cffe124694565
8201caf2a28bcbce0d47a0bc762313477c02f1b7970a9f177a9bb29594186068
835698ad7ea8929df52ce490bdebdcabdd03002a7f3c72480b035e41184cf4ab
84281dba226336e91720304f2f1b549d276711fc42b472d1fcead7d917b59978
86885355084c1416066cda2dff11ee1095c58031d649dc6ad30bc2fe71995525
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
87dac8b01a3e716ce5f520e7df3d370fbfe877d75a62df87f91f22082df22d67
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c4508c688e17fb2e0d8489e0039d88f29ebbd6eb5aaf5e7183299d1a1af8294
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e0ab80bf15e76bbd1707664408503fbdc4ccf4a9e974938c799d9e827f3cb51
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9096e54950e352d4210472791024dd06a17f4f4fe20db81a006cc30cab26237a
90db3101a83aa963a9a5f4f5155861f0f02ac6222ecced805a1b38c0b6e92d6a
918d9d12712d5fe836e08ca6218dce1b5ae5be69be8df96b37016da582d4cbe4
924bd01a910a12b6c3734bd21a50257ac44d3770fd8e04a3086f5125d5350529
9270d88b8b4b22529e5f933bd9e0b9cdecd6086546f8152d39b0b98495aa4dfd
9358f222ba40b683e83f1705f68d251bf6002d597f38707e59abef418d6dfc37
94a61589533c48ea8a22085bd3c59c0b481fe10000526580f3d12692527db719
95724c93f5c328900b9d677071d142073c3cfdd732f1e123a5a063c26d7a6ed1
973cf225de45ec42ec32d1bee3fe4242405f8c7318aca095cb0928f4d4ba3701
998deffa9e59733ab3aa3dea37551528dfea298e9396415baf4d565c3b1579a4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b389c815fa2fae51c192f049e55a3d23411d6d5725f3700af9da6c52d40c085
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9ce958ac64ad7bebbe2733b1d0f287c201b8d0a2925551f48faa86c3e9e23880
9d2f83a5752f02c084569894069e3229b27d301b972aac208bf51ebe286e0636
9f01aa1a6c52531759ce3f7b63067d4e8997005b19e5f49c29cc3cf71faebb33
9f9f9a6b812cbaa9976464f789b49cf8ce38a49eccad330c648dee224848a0e7
a045e186e8a55f0850b871d4a2f4d5a2da2c549c8dc9fb6c8708a36aba68f11e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1bf8cefe720501fe04c7ed7062dccc699865cb6b1fa26ac7367c480a01433d1
a1e06ab8aa0fdb961061f76d106b29673d7d2c93c105bf331822fa5871d3e3cc
a1ea2ff7361d6f98b5acfb3b6f3cd3e4935996dc568106d16f52fd6d6b33fe54
a31f86c8412c094e0cad4f8780467f94afc919c606d7c7f34777bc5998d1225a
a3685b4beda580238eeb2402193811f88e85ab6b97c3f397ccb54d2b2d959c16
a4694a75326748110e9cd6b60b8c9c2798452b507f6a5dc69b309b8f57e2a52d
a4c20e7c70dd13a0fefeb9f4db9b057a335c3d8d5e0b69b507a161b5d7912c1a
a83f90cad255c8eb75a7d45120d3fdcf59da46afddac97813475b1cb016e6d31
a854b949c0570691ae8b3e3ed0adc1a0c93d2318f71f7665107daaff53d0e43f
a88c3560e787ff0cdf0b548468e46c0c812a140fec9bcdb438587e3b5ce5eef6
a88cc7da1973bf847e3740685fc737b04d4bb5b5ab78c8158ac66adc3cd56391
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
ad6bcfd6e4d748fdd2ddf2c1cf9fd6f857e1bff90f98f0e09bbdb628bea98df8
adf03f7ab87622faa77b4d12f97ff80466377950b805021a07a8c11804ceac14
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
aec9005fdc49ada6926660816bf0e41c448d7ee4f59761f6f2186f8963afd3a8
afb455316e1d36d77c969767054da495eb62e07ca3aa9c294cbca4d884b5783d
b05b8653fe0c61908a5be84f57513f446424990a425ea48f02af7708f02f0de1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b57eca495e606d6a5b71d039f54b48f95b24ecfab0e885f0834df9647988211f
b72b2f311fe5a6ef3a74c7f7d8804b4486c4f8f07bdacddbe83a4a2512bf7f24
b818625aee61e4d04927a4a01b12bce36fcfff5d23c1cc342519bb8b5ac6edb4
b870980d45306c0f91f240c2bf2b1020a5d9f225f633d150e02f3e2e5803576e
b941c541a9367e056a1a9ecb6f8f33b8bc6f7dbc62647adfcd7e442cfe3111bc
ba103cb03a9334225b48cd88660f435d2f646d83b8cb085632b064b2e7118138
bc72914d31d4b58dfa84644e01dc03945ffa0a66bc80920f09d30efd882ec557
be131a40cea72d4107c660ba2a8a1edf42e076df8d264785d5376a15589f762e
bee6da40901df475d7b151e72dda4efb2ba0eea2c9c2c42ccf0ed0d4a5cdd0de
bef68150a61b79f71c0f81f23efe27a78da8f6e60e0f188d378b407f9276225a
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf48ab5bd0aa94e42a820a7714971f4e29b680774aac08b4bd0ae1cf21b16167
bf63f443c1c0aaf69fb46c8b660b6d87b7aaeb10ad631f8785b8eebb95cfcd75
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c286cdd59541edb5d17c058b78afea71a3d2e4092e997fbe777667d1813bd097
c2d0c281519e31954278ba8946fa818eaeb68051112d3b030b9af11062df26fb
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c4c4bd1069b9dd3463e58e5bd22c76470cdc63d75ac59ec2a1fe2e28dccbc57f
c4ebbe6b28dd61ca389f7a99a6c1d4f3134ebfe2f2211fa39d26776e00bed713
c52b16607de413e3ad4fdd9e199540fd5593524566397907928265e528b397e7
c6029b0b41c1f09b53038f3fd83bb1f518edf893e1cda64d768bfd0f854006e4
c7d4883b10c477d742bfa11d45821cebdbcd089268852696bff38e33069f36eb
ca4e74b1199790b898884005269b32d21ab896528c4f47305e13698ace105ffe
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
cd26c0ae713e171a6d75b9235c3944689d036841a2f1edc820c1a72ccea2085a
cd5eab77f77d3f12f4161998cff1c3f89c89a5ede5d73852a3ac8f7c9498a308
cd6449a4c8c49b4d01fe55e5b47371ba54df9858c6c8bff260d3d500ac24e932
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d06b73b6f816c0b28d283051c827b23f3fcd5aa396e4c36f7c0cb73eea3afa4b
d147cda91ae12ae7b9c6fc3510b7e940516bfd536c1a7ecc4c1f5b2964bf6ca6
d16e8888a931b83d89e1a975d8f527cece87f9e758780aedc7ae60d05924d249
d1dc781bf69f07ae034540172fe72e293e812e9e7e90cf9b6d06ed84e38dc4da
d1edc8d96bc4b6a9795005ca9e7e2bcc72d337686c52e54f374269279e3d5be5
d24c262d9ee1f342e6d4d28edf9c039d897a2b7c0385192dac5d6dfae46e53b0
d36fda47e40ecea59113a73893bb52e4301a909a78a764a73f0145830d2a6b26
d3d5de4595d6068b5c753d2acea51a303b7111b5c6364b1386731e71c76882d9
d56aaf51b18e1d9c7522f9b823d2d367bd9181a7432046e23973fa9de40b9a16
d684e9df04d0a7c98d296fc9fb55b4c441bfd1d8581494107261225198885460
d69e4613222d88125f9d23bd14c029de07a0fa7310bc6311ea4924b1fa7af2b6
d6ac9f04ec51bb2e5cb71fcac82999a19352b0f8ca1844f9ead2a1eb25cba1ce
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7fca7eccf3644f92f2ccb0c738f57b8dfd33f701a95660d44a26b1d1df03269
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db26db399dc0fe49ae159e3c98e2ddb30f0f0ba3a5e78232a00b35078033cf88
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dea197afb1c70ebecb116eee2aaea9c307b09907b27ac0858c471e73ac067a5b
df1b41c4371c43265ae127bf2b96f0a8137b9b47f4225c95fec93711ee1b79b8
e03105e3b885f27053e6c98019e3215db12b131f95c2131d694659ea7fd9048e
e0ebab0601f663441faea3d22d4cce4d5d03f97b2d19d201b38280f3b270ca59
e1365e2772793da87f3376ab15ab21637278c51bfd91e62af652749451be2d7c
e21faabc2b83e51ceffe56dac2f5d1525978aad819e708c6fcc613479113e8f3
e25a5c0e87c932a23bcaeeea3b3251b2c1b35427acb783cc72e8fb61e71139e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bfe07e2a8c59c831a42b7c2a9205f1c5af18f53b3a54bbd826f41a976be192
e43ae32f5c2326bd2f881e5a9ace23eb793291bb649b76aa925610024513e6b2
e499f623d6a22d125b3e52d53b859e9cd21d8433933dca047bb16b7a9f509bf0
e52e0f2325c14b8cb9909df543d8b399c48a791c617f74a3cc52ae279108cb15
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e8143d2ce4883c14ad30cc19e04d311470c3d54b5ba49ddfba2e337947888efb
e877d95f5ec273c644062ddaf76f9a90931d778e040f95e84da285cc0bd88a74
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed426b17afdfa5cb2f1682b021ab8903bffeebd3b45ead32837c7de76aa15bb3
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef0d80c9782eb1cfac57024ea1766f0baae2ac31d51874b91991ae355d9009f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef56ce02a8b74885fb23125c02e3a5cce50efd028fdcfdcb6e208f4c0fdfa201
f32b24dcc0307ecfcecec5ede1120f0ef90aefa69fcbed6843f45d4c5d6681b3
f3ccaf6c4c4022b9fbe938e7253da465dddfd661e6aa77bb8a6513502d712643
f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f68870a1250e67d9eb6ae2bacb1fd3a1267db6a730f8e333fcf898c461588707
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f87400ce19d4e8485bb53d3e677abdd7d0854de9c3181eb50cd6ce2d4bf73c11
fa4ed075e4bed7242c3d856482da48ea6abdbdddedbbef0c13defb8e91835bbb
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fc8d6201a89428a7f81ab11a351314da59096cc21a8908acb78e0b89f7e2d4b2
fe1cfab2241bf6b22d0de2c308b3f3ca947944f9d1bc12b803b27cb69be6eb9d
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995