onetag-sys.com Open in urlscan Pro
51.222.39.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner
Submission: On November 14 via manual (November 14th 2024, 9:50:34 am UTC) from US — Scanned from US

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 44 HTTP transactions. The main IP is 51.222.39.185, located in Canada and belongs to OVH, FR. The main domain is onetag-sys.com. The Cisco Umbrella rank of the primary domain is 785.
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on January 23rd 2024. Valid for: a year.

This is the only time onetag-sys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	51.222.39.185 51.222.39.185	16276 (OVH) (OVH)
2	3.171.139.27 3.171.139.27	() ()
1 1	35.212.198.217 35.212.198.217	() ()
1	2600:1f18:235... 2600:1f18:2352:af00:5a8a:80f:f486:e034	() ()
2 2	35.212.160.220 35.212.160.220	() ()
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a01:45cd:c37:f63e:2835	() ()
1 1	35.211.202.130 35.211.202.130	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2002	() ()
1	2001:4998:14:... 2001:4998:14:800::1000	() ()
1	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
1	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
1 2	54.204.151.184 54.204.151.184	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:247... 2600:9000:247b:6000:8:48e:53c0:93a1	() ()
7	2600:1f18:1ac... 2600:1f18:1aca:4281:9ddd:9315:d895:4390	() ()
44	10

25 51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.171.139.27 (United States)

ASN- ()
PTR: server-3-171-139-27.jfk52.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.212.198.217 (The Dalles, United States) 1 redirects

ASN- ()
PTR: 217.198.212.35.bc.googleusercontent.com

ghent-gce-or.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:2352:af00:5a8a:80f:f486:e034 (Ashburn, United States)

ASN- ()

pn.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.160.220 (The Dalles, United States) 2 redirects

ASN- ()
PTR: 220.160.212.35.bc.googleusercontent.com

us-west-sync.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:45cd:c37:f63e:2835 (Ashburn, United States) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.202.130 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2002 (United States)

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (United States)

ASN- ()

cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.151.184 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-151-184.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:247b:6000:8:48e:53c0:93a1 (United States)

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:1aca:4281:9ddd:9315:d895:4390 (Ashburn, United States)

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 785	35 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 783 static.adsafeprotected.com — Cisco Umbrella Rank: 805 dt.adsafeprotected.com — Cisco Umbrella Rank: 597	112 KB
4	bidswitch.net 4 redirects ghent-gce-or.bidswitch.net — Cisco Umbrella Rank: 5434 us-west-sync.bidswitch.net — Cisco Umbrella Rank: 5627 x.bidswitch.net — Cisco Umbrella Rank: 438	4 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 340	34 KB
2	yahoo.com 1 redirects pn.ybp.yahoo.com — Cisco Umbrella Rank: 1805 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 583	5 KB
2	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 3298	98 KB
1	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 160
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 799	933 B
1	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 2669	14 KB
44	9

	Domain	Requested by
25	onetag-sys.com	onetag-sys.com
7	dt.adsafeprotected.com	onetag-sys.com
3	static.adsafeprotected.com	tagan.adlightning.com onetag-sys.com
2	pixel.adsafeprotected.com	1 redirects cdn.js7k.com
2	www.googletagservices.com	tagan.adlightning.com
2	us-west-sync.bidswitch.net	2 redirects
2	tagan.adlightning.com	onetag-sys.com
1	ad.doubleclick.net	tagan.adlightning.com
1	s.yimg.com	onetag-sys.com
1	cdn.js7k.com	tagan.adlightning.com
1	x.bidswitch.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	pn.ybp.yahoo.com	onetag-sys.com
1	ghent-gce-or.bidswitch.net	1 redirects
44	14

This site contains links to these domains. Also see Links.

Domain
yahoo.com

Subject Issuer	Validity	Valid
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.adlightning.com Amazon RSA 2048 M02	`2024-07-30` - `2025-08-27`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-10-31` - `2024-12-18`	2 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2024-02-28` - `2025-03-28`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M03	`2024-04-25` - `2025-05-23`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner
Frame ID: CF590051C66EAEE91D89CC8020DD8CE2
Requests: 31 HTTP requests in this frame

Frame: https://tagan.adlightning.com/iponweb/blacklist_script.js
Frame ID: 0913FA49AA0A39A8C6D7B7BD30E305AB
Requests: 11 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1189728.3624834DISPLAYVERIZONME/B32598314.405511791;dc_ver=102.299;sz=320x50;u_sd=1;gdpr=0;nel=1;dc_adk=816616757;ord=phx03k;click=https%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2FhuwhmibXwOjjiAtfjuzWCOFsu4HjR7Cy2YTVHRjdzGcIWx2Oqz7E8_RxNlvUaaj8UU01uz6dEF_h470rFmjsFRT_31bCXMaG1FhRYzsfPXg9nORzcuZEvusv6yDmCHIs0K562Dn7IyEt441SzIsFStNW1nqRZiX1pBiFafGZTHgoc1QKoEqGW7Vb0H-VP9HKHv-iGVIeovz6RBkHBRl7mEeYwLLI3qgtGG5LryXkMiZILdZSVIp-D8P9PSbi4PDTzmeNQlxFjdsXki3g2Lxl8mgCYZlgSMiI61Fl2wViwds%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fonetag-sys.com%2Finvocation%2F%3Fkey%3Dfb8f193b-6355-4d92-bacc-63c545f77394%26ad_type%3Dbanner$0;xdt=0;crlt=ciCajQxnH.;gcsr=m;stc=1;chaa=1;sttr=103;prcl=s
Frame ID: C96B7C21D2CE442B9E3E36F26D440F83
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 2BDDE03E1B1A9C3FA25AA6CCF50377A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

44
Requests

93 %
HTTPS

50 %
IPv6

9
Domains

14
Subdomains

10
IPs

2
Countries

298 kB
Transfer

891 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://yahoo.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ghent-gce-or.bidswitch.net/impf/0.142978/BSWhttps_A_B_Bpn.ybp.yahoo.com_Bab_Bsecure_Btrue_Bimp_BKhDyZh2IHO8RYSjZcpbiMMcAyAeOzSSLRBXbGZpW95U3YchWHBR1yWLJwCUzjKuFaYn__OcQs17FYRjqrfnDL0gzj7BIiqywb__QgDYAmZCmuUydrbR8qf6bt8JQqDu-A0u8ranlX0WH18mZA3hP1qJ9__IsKdaXV05MwJV850gAvkjk872m6DNQ9PubAzj3dxFZRmGhquVoxt265jdTjVrKH1uaCcNjK7eNewu5N11q9Rp1SOg2RHtDgCMu7Ebt7s0E2yY__5ex4b5Inz9C__rJKJyZl7jgEY7SkuvsDy__MEEtnemwDoe__aGoEfvLbiQA6qb-vMiLhl451E0-dYPQzdICZuOHwDVSu8Hj51Ba3S8D0L8dbNoO9IbGyAI6__8cLPvM3Be3fOKaw5bElZX__M__WgKBTXIkm8ZpZZMh7zZGBKOwoDn9i-NK__D4jF9ZUUVB3ArXokEXMIzAZaA-mTKv0hCoKyA2cV1yLsIga5WtMB__ad4YvdwpzJRdQuecVC8rHHuhPtacuGoqAggr5p9WntP8hhPALSZBuJ9oa8unpmEijh-IVTQoc95Rb6q4sDaEJRGxSlwN6sBWuO2bomf9RamCEDYbZGHIHCKZKJQd6DOXfezue4Km39E9bPyz8aqO02vRCk66AsAyu__hBC9eBEDejJK5KvelbApnGn--hIIBbSpDyVlM9Xq252f-N6Yydfwq8ZcuqZ-oUUsG9V4Nn2GGCMPh-zJ6rLY2QM97CqL7LS-QJ04DgQYm3d__2ST4AgPfZLgb-TCWbPYEg7tXdTB4TY5SwGoSVvebDflfPHx43FywRJnwmHjbaAfrhVctn0iaYvdqlI7NosbeihR__bXLRgjEOr4mF0oTy052bLAM3JBcZQwK8j6Ms6__Wr8rlBu5fOpi58SNZb3AN-XtYiMJFFk9zhiQcnQPKacYxupkgc-jTDxxE2RDSbqIdz-bPagwNgZys2L0zqw__gXY02l3Rxy0PO4CA0PUTRs6zQlwZzWIzMbuGf-ODdkm44rwd9HdHrtH2XR7EX____t2ErDoS0bmydeIj-cGWHCL-li2kpvrjZIaRdKoSDHK57e20IS7eXHbO5CNkbFO5cFrH-721En2efzvmFqg6KS90q6Ezr6U0PxxnYwdxrJGXNwgkdbFojYgZwagKYxTN__NYrWxhRTeGIKui3GxukCmfB8dnsWPkwgC2MMATCJ__kh7QyiBreHasLS8o3xd7lXGMWE6OM-Rdrnn2HQvyfhXdixoXmn__RK__y36fAm9OwfLXYj6zh-IlMa-BTBuBTLoqHFLib8VT7Lhs1TRrtSHLnRF9ycrqUIADnZ__usJ5XorIluv__dzuadNGhkPtUuw8vx-58viXs-ukp3mcnMF0Cu5YazZz5hRn55v80zU0C__wwc7tU-oRWVcMWIx2uvNfnoazPPzK9bWI96DTJEMAakUaOsO5LkxEk5kTZIdIBdCgb565__zd88M8SxEKHvc8Xn2UVWIo5wQQBcY0q7sT7mWUDkv8vyBtu3-Iw7a35QlM9ghtelUOLLmAm2CXComn57kmKYTaMNnH9DVAF-pAvwpPv5B6Hxk0sOKS4yZqjHtLFc3aumhlWgEi7JXa54anvrXGfFda__ocd4Zt7RXHMHkH2-3g-knnG4VUFvMjrmQ0nibEmLctvidsNTLD9CJervz5Y-coiX4ggeIGZFeh3um7njr5l5gdUpTTNMe0xmhl3QPmWzfEGJ3Ze8fllzi_Bwp_B_I_WAUCTION__PRICE_X/PRz9QWwEBplXnWU2BeMPId_lhMGdvBiiVVaSCGs69sU4jJ2iGz4uPuuglaedqkdHSAFV3vwUROw8V2CNQDF9b2BJf9GszZR_6vahUhq4ywpEHJ4tgr5Zf0IU3q_70--kf42fMtjnkhR0ceZL8brbWM_D9ngGNGY4E7s3mNgDb5NCjv4RSVq0fwQMzCFevOGmZz4dqs-FXvF98nQd8IrGSi3a8fraWHOxREoMW80uXj_IclZHUHITluW1rLGLirJyx_f6xayLLt6NWnVvCoNaVaRAhHg8_DFnyxi513jjPoQ7szQQoa3fz-6agPdgPb61M9GBjq-181Pcs-m3jbMCMmBj4pcznaEo41Lq4Hyp8DqO9r2uKCvXBPFChMXbr2w2gU_8vW9CGsEYApzNQpARV5qFeCAJZb-K7ezeypxSIad-kFfXztRgEZzSqscZcZlWz94bRDI4VSXzZ2eHkVLTCA2baaAsZ7TH0mAYTJlB0V70nbh5bE99h7JYk1k9iDKdCSoWRJtqL_iaH1PtTQ7AqCBghpR94Ys5Q_acHLsKmjV5Z_1bpKh8jPLCQ5t6yhkP9NtGpo7TJJst78TtABir5jjDOCxDyYyFLnh1naR_A9FgD9IHkf58x1GSu-HjdgzAuB7cYhWtFT8q4T9U9Xz6VxVcOK1y1Js2hashGkw2pHWoaY_jjj1nLzjchzgKiUENSdvK09FbfD7ds3sdkhhDaaaDG2KIRKJfSh5QaeA_nReYo4_C2o6JxfsUAHDn-KKjjue1UjPPENz2ZzIZmFP4bDw38X4auLvXSVd_Xm-LvFToPZXBssVuS55FcE4MUYA-GHcBhHlWxyt94WnJQRrCBwyFCfS6ti16YIGxFYYQSnCChOsYmLGLzzroMPkB0WLxQP17c78SooTWy16eRo3Ttm9RxSsCPs7Qvm4nBH0uQ_tdonyIfxIbCIRxyYLyephvXsP11CD0zdie9uVNBs7OE1P7y9caPSzvg_ywRVCJ779Wf0GxUKyB0un1N-NZacBAwjrLW7YFqxUwmTDtV2P35m2vJEmd1DYNqNRJBOELqN2yXGTVI34n1ic9RhpPWg8sA1bc9eHx_8e2wHwfK39i99iPudg-1lvh-TMuHgA1WZ3xZIhaX7CtAYwOGmjJNYoJTHSe0sk4yRrD2ilyBH1e0oRRRo5-k3itigxd16AdiGBfJFBe3mbiu6h1KK1d8mNmEofF-H86dLalBC7qMjR_5z_EbNd5jOpYtVwrlHLix1_oFHNIvWMzQmYVS1clrfwl4S8Yvd1ciWc4q936Hf5Y3vc0G5_zSqbQceDWDmsD1y9nWUfvkao_h6sZmYmC9n4DTtNOW-G-jFK9e3fPKLI8tBS6CJLlZmeDJoXhqmSm-0Cu_h5X_Bb6DUApkSigpxs1dTjq0ehRMUWlWYPpk1UWiOGUeSW2E3ffENdKd7frErpZ-gTexCkwIe3oFLXucpx0AK01HQkJ1KYJmcJ2NSS9hvOx5tAzHR35XEi4rrnLbSpv6ApaGpS90uWGI3E1Jabwk5pDCudz0ygY3TTr2hkh88Xcpzi6oBqgR7PAULblf0hpjpPtg3G6K7Ao-HAnCfFnGAbRdTZvzKxuStFumk1HMkDtEzOgVRtZQ1jDOJheMSWtL7apGqiy2TQ_h7NpIOWflrVD5adXK0ar-P92KbDuO0zebMo4g-ZqoBJX5oTG18lSKv4_QR1NU36eF3gn0Sa0-X1sFJbDfxXI2717RAf7KCiJ0mQ3Xax8dRgmZ5kySF-B3FVSb33K8mo-smt440UzCpBaL6tBjNpBYRGKots5dTE-lqQgNx5ILjIoidtJIN7IZUklRiYRVL-vKCuoLkxWUbWzaQQeuSAy3VwDMpCMtcwq8Lz-0GlczaDeJzsDjUuxKHLOOQpA0B9sGa-TRKsLbpjw0wD5d_QBIuICdAG8d0-WRtHhPY5Z6AwdBPOwvc59QyfK8qzDqWS6bP7yQqmjqLzEixOD74F4n26cX-ADM_3Oe602PTZz-5oKAFGaEmqYR0KVd-JdDIwunUrFUGRxwtXbi8X7D-kNh6pBE4q_aDk84xnkLrR1IxMsiIKTsATGy4-6oSSmoNKrUlA1yIeZ0sX-GlHCVE22RTX7FBHEPUKG_UEJHecrwx2gBFqZWWGIJkU-u5UjcWEJ7ByqXsieZKIbS4mufBXICBLIAcrJnVWJKlGaBhY1HoZ_IL4FQofjbxY2OvmVRoHNZe2A0pXX6hzdYPagZeDA-udTwuSH6MyVO6TwIztj5OYOmLGUCID-w2ovRNc4MEDelenOzqinYPY6BmWoEvqDm8zSxwVpKQnSWS5lCzn6Ljt8AMr-ZFwcihZ2vDwHFEJNtRxNBYrkZfjR-wJ4c-WS6xi1/ HTTP 302
https://pn.ybp.yahoo.com/ab/secure/true/imp/KhDyZh2IHO8RYSjZcpbiMMcAyAeOzSSLRBXbGZpW95U3YchWHBR1yWLJwCUzjKuFaYn_OcQs17FYRjqrfnDL0gzj7BIiqywb_QgDYAmZCmuUydrbR8qf6bt8JQqDu-A0u8ranlX0WH18mZA3hP1qJ9_IsKdaXV05MwJV850gAvkjk872m6DNQ9PubAzj3dxFZRmGhquVoxt265jdTjVrKH1uaCcNjK7eNewu5N11q9Rp1SOg2RHtDgCMu7Ebt7s0E2yY_5ex4b5Inz9C_rJKJyZl7jgEY7SkuvsDy_MEEtnemwDoe_aGoEfvLbiQA6qb-vMiLhl451E0-dYPQzdICZuOHwDVSu8Hj51Ba3S8D0L8dbNoO9IbGyAI6_8cLPvM3Be3fOKaw5bElZX_M_WgKBTXIkm8ZpZZMh7zZGBKOwoDn9i-NK_D4jF9ZUUVB3ArXokEXMIzAZaA-mTKv0hCoKyA2cV1yLsIga5WtMB_ad4YvdwpzJRdQuecVC8rHHuhPtacuGoqAggr5p9WntP8hhPALSZBuJ9oa8unpmEijh-IVTQoc95Rb6q4sDaEJRGxSlwN6sBWuO2bomf9RamCEDYbZGHIHCKZKJQd6DOXfezue4Km39E9bPyz8aqO02vRCk66AsAyu_hBC9eBEDejJK5KvelbApnGn--hIIBbSpDyVlM9Xq252f-N6Yydfwq8ZcuqZ-oUUsG9V4Nn2GGCMPh-zJ6rLY2QM97CqL7LS-QJ04DgQYm3d_2ST4AgPfZLgb-TCWbPYEg7tXdTB4TY5SwGoSVvebDflfPHx43FywRJnwmHjbaAfrhVctn0iaYvdqlI7NosbeihR_bXLRgjEOr4mF0oTy052bLAM3JBcZQwK8j6Ms6_Wr8rlBu5fOpi58SNZb3AN-XtYiMJFFk9zhiQcnQPKacYxupkgc-jTDxxE2RDSbqIdz-bPagwNgZys2L0zqw_gXY02l3Rxy0PO4CA0PUTRs6zQlwZzWIzMbuGf-ODdkm44rwd9HdHrtH2XR7EX__t2ErDoS0bmydeIj-cGWHCL-li2kpvrjZIaRdKoSDHK57e20IS7eXHbO5CNkbFO5cFrH-721En2efzvmFqg6KS90q6Ezr6U0PxxnYwdxrJGXNwgkdbFojYgZwagKYxTN_NYrWxhRTeGIKui3GxukCmfB8dnsWPkwgC2MMATCJ_kh7QyiBreHasLS8o3xd7lXGMWE6OM-Rdrnn2HQvyfhXdixoXmn_RK_y36fAm9OwfLXYj6zh-IlMa-BTBuBTLoqHFLib8VT7Lhs1TRrtSHLnRF9ycrqUIADnZ_usJ5XorIluv_dzuadNGhkPtUuw8vx-58viXs-ukp3mcnMF0Cu5YazZz5hRn55v80zU0C_wwc7tU-oRWVcMWIx2uvNfnoazPPzK9bWI96DTJEMAakUaOsO5LkxEk5kTZIdIBdCgb565_zd88M8SxEKHvc8Xn2UVWIo5wQQBcY0q7sT7mWUDkv8vyBtu3-Iw7a35QlM9ghtelUOLLmAm2CXComn57kmKYTaMNnH9DVAF-pAvwpPv5B6Hxk0sOKS4yZqjHtLFc3aumhlWgEi7JXa54anvrXGfFda_ocd4Zt7RXHMHkH2-3g-knnG4VUFvMjrmQ0nibEmLctvidsNTLD9CJervz5Y-coiX4ggeIGZFeh3um7njr5l5gdUpTTNMe0xmhl3QPmWzfEGJ3Ze8fllzi/wp/0

Request Chain 4

https://us-west-sync.bidswitch.net/sync?ssp=onetag&dsp_id=74&imp=1 HTTP 302
https://us-west-sync.bidswitch.net/ul_cb/sync?ssp=onetag&dsp_id=74&imp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=15b72c43-72c2-4a00-b3de-a6c7a5c54efa&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-_Oo3ziNE2pkYq_8fgO18nRW17hm4MVBcgiEjSQ--~A&expires=5&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=15b72c43-72c2-4a00-b3de-a6c7a5c54efa&gdpr=&gdpr_consent=&us_privacy=

Request Chain 15

https://pixel.adsafeprotected.com/rfw/st/854585/68926917/skeleton.js?bundleId=shopgoodwill.com&ias_dspID=30&ias_campId=753757&ias_pubId=183&ias_chanId=3394657&ias_placementId=0&ias_creativeId=7458421&bidurl=https%3A%2F%2Fonetag-sys.com%2Finvocation%2F%3Fkey%3Dfb8f193b-6355-4d92-bacc-63c545f77394%26ad_type%3Dbanner&adsafe_par&ias_impId=v4~~1028369271442917371:1731576874457&adsafe_url=https%3A%2F%2Fonetag-sys.com%2Finvocation%2F%3Fkey%3Dfb8f193b-6355-4d92-bacc-63c545f77394%26ad_type%3Dbanner&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fonetag-sys.com%2F&adsafe_type=f&adsafe_jsinfo=,id:82403e8a-653a-afd5-1cfb-e679c1976e6b,c:tZmIu8,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5c6979c97f-2nk85,rg:va,pt:1-5-15,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1.CmxKD1,mtim:314,mot:0,app:0,maw:0,tdt:s,fm:uu5S4QB+11*.854585-68926917%7C1111%7C1112,idMap:11*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:rjss,et:336,oid:dd9132c9-a26d-11ef-ad71-4ed2f555d3cb,v:19.8.553,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ff:1,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
onetag-sys.com/invocation/ 11 KB
7 KB 212ms
69ms Document
text/html 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

1b2e774a4a9eb2e43f0e8910af06a8788f136b51debe44e413bafc202fd03b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 7402
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 BannerAdBannerPlacement.js Show response
onetag-sys.com/static/ 81 KB
25 KB 70ms
69ms Script
application/javascript 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.54

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

6134e9f44cd31ed59d65a3a806438733a173c24f46d4f6149e2fcf16e93574fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
cache-control: public, max-age=2628000, immutable
content-encoding: gzip
expires: Mon, 01 Jan 2046 12:34:56 GMT
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 24932
content-type: application/javascript
vary: accept-encoding

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/iponweb/ Frame 0913 212 KB
73 KB 259ms
122ms Script
application/javascript 3.171.139.27

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/iponweb/blacklist_script.js
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.54
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.171.139.27 , United States, ASN (),
Reverse DNS: server-3-171-139-27.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e168d6e1fb8e4b40d2f2415af79eaa0afc3cb6632cc13448cea6d95f091b99c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

content-encoding: gzip
x-amz-version-id: MIxwBTvK0Zo2qXBWMjjT17QPgb92NAGE
etag: "40f0776d407d4bd82cd05fff8f1f73a7"
age: 2584
x-cache: Hit from cloudfront
x-amz-cf-id: q9OHqROmB-pHaVJIiQ9_6otD7tKSdji1u8szeOm1_fPfQnWdZwBM7Q==
date: Thu, 14 Nov 2024 09:07:18 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Wed, 13 Nov 2024 21:37:38 GMT
cache-control: max-age=3600
via: 1.1 92a8583818732665d61a5f5d4edba97a.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 74647
x-amz-meta-git_commit: 72ac1d2
x-amz-cf-pop: JFK52-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/iponweb/ Frame 0913 64 KB
24 KB 206ms
69ms Script
application/javascript 3.171.139.27

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/iponweb/blocking_script.js
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.54
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.171.139.27 , United States, ASN (),
Reverse DNS: server-3-171-139-27.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a45718752cf23a8cab8534f6d1e4a67f2b26d37ceb46dfa2476c134355ffb058

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

content-encoding: gzip
etag: "68461ca1ff21c7c49ce28c3f6af829a2"
x-amz-version-id: JowTisVqr162ynIhnaWsD8kTI422MfGa
age: 57230
x-cache: Hit from cloudfront
x-amz-cf-id: oWqOg66G1_Tey2fnQkXneOo3GAM22pDbqxoY1Sn5OGbpYUU4AXkUYA==
date: Wed, 13 Nov 2024 17:56:32 GMT
content-type: application/javascript
last-modified: Tue, 29 Oct 2024 17:56:01 GMT
cache-control: max-age=86400
via: 1.1 92a8583818732665d61a5f5d4edba97a.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 24361
x-amz-meta-git_commit: 00c2c09
x-amz-cf-pop: JFK52-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2

200

0 Show response
pn.ybp.yahoo.com/ab/secure/true/imp/KhDyZh2IHO8RYSjZcpbiMMcAyAeOzSSLRBXbGZpW95U3YchWHBR1yWLJwCUzjKuFaYn_OcQs17FYRjqrfnDL0gzj7BIiqywb_QgDYAmZCmuUydrbR8qf6bt8JQqDu-A0u8ranlX0WH18mZA3hP1qJ9_IsKdaXV05M... Frame 0913
Redirect Chain

https://ghent-gce-or.bidswitch.net/impf/0.142978/BSWhttps_A_B_Bpn.ybp.yahoo.com_Bab_Bsecure_Btrue_Bimp_BKhDyZh2IHO8RYSjZcpbiMMcAyAeOzSSLRBXbGZpW95U3YchWHBR1yWLJwCUzjKuFaYn__OcQs17FYRjqrfnDL0gzj7BIi...
https://pn.ybp.yahoo.com/ab/secure/true/imp/KhDyZh2IHO8RYSjZcpbiMMcAyAeOzSSLRBXbGZpW95U3YchWHBR1yWLJwCUzjKuFaYn_OcQs17FYRjqrfnDL0gzj7BIiqywb_QgDYAmZCmuUydrbR8qf6bt8JQqDu-A0u8ranlX0WH18mZA3hP1qJ9_Is...

3 KB
4 KB

200ms
69ms

Script
text/javascript

2600:1f18:2352:af00:5a8a:80f:f486:e034

General

Check archive.org

Show headers Download Go to

Full URL

https://pn.ybp.yahoo.com/ab/secure/true/imp/KhDyZh2IHO8RYSjZcpbiMMcAyAeOzSSLRBXbGZpW95U3YchWHBR1yWLJwCUzjKuFaYn_OcQs17FYRjqrfnDL0gzj7BIiqywb_QgDYAmZCmuUydrbR8qf6bt8JQqDu-A0u8ranlX0WH18mZA3hP1qJ9_IsKdaXV05MwJV850gAvkjk872m6DNQ9PubAzj3dxFZRmGhquVoxt265jdTjVrKH1uaCcNjK7eNewu5N11q9Rp1SOg2RHtDgCMu7Ebt7s0E2yY_5ex4b5Inz9C_rJKJyZl7jgEY7SkuvsDy_MEEtnemwDoe_aGoEfvLbiQA6qb-vMiLhl451E0-dYPQzdICZuOHwDVSu8Hj51Ba3S8D0L8dbNoO9IbGyAI6_8cLPvM3Be3fOKaw5bElZX_M_WgKBTXIkm8ZpZZMh7zZGBKOwoDn9i-NK_D4jF9ZUUVB3ArXokEXMIzAZaA-mTKv0hCoKyA2cV1yLsIga5WtMB_ad4YvdwpzJRdQuecVC8rHHuhPtacuGoqAggr5p9WntP8hhPALSZBuJ9oa8unpmEijh-IVTQoc95Rb6q4sDaEJRGxSlwN6sBWuO2bomf9RamCEDYbZGHIHCKZKJQd6DOXfezue4Km39E9bPyz8aqO02vRCk66AsAyu_hBC9eBEDejJK5KvelbApnGn--hIIBbSpDyVlM9Xq252f-N6Yydfwq8ZcuqZ-oUUsG9V4Nn2GGCMPh-zJ6rLY2QM97CqL7LS-QJ04DgQYm3d_2ST4AgPfZLgb-TCWbPYEg7tXdTB4TY5SwGoSVvebDflfPHx43FywRJnwmHjbaAfrhVctn0iaYvdqlI7NosbeihR_bXLRgjEOr4mF0oTy052bLAM3JBcZQwK8j6Ms6_Wr8rlBu5fOpi58SNZb3AN-XtYiMJFFk9zhiQcnQPKacYxupkgc-jTDxxE2RDSbqIdz-bPagwNgZys2L0zqw_gXY02l3Rxy0PO4CA0PUTRs6zQlwZzWIzMbuGf-ODdkm44rwd9HdHrtH2XR7EX__t2ErDoS0bmydeIj-cGWHCL-li2kpvrjZIaRdKoSDHK57e20IS7eXHbO5CNkbFO5cFrH-721En2efzvmFqg6KS90q6Ezr6U0PxxnYwdxrJGXNwgkdbFojYgZwagKYxTN_NYrWxhRTeGIKui3GxukCmfB8dnsWPkwgC2MMATCJ_kh7QyiBreHasLS8o3xd7lXGMWE6OM-Rdrnn2HQvyfhXdixoXmn_RK_y36fAm9OwfLXYj6zh-IlMa-BTBuBTLoqHFLib8VT7Lhs1TRrtSHLnRF9ycrqUIADnZ_usJ5XorIluv_dzuadNGhkPtUuw8vx-58viXs-ukp3mcnMF0Cu5YazZz5hRn55v80zU0C_wwc7tU-oRWVcMWIx2uvNfnoazPPzK9bWI96DTJEMAakUaOsO5LkxEk5kTZIdIBdCgb565_zd88M8SxEKHvc8Xn2UVWIo5wQQBcY0q7sT7mWUDkv8vyBtu3-Iw7a35QlM9ghtelUOLLmAm2CXComn57kmKYTaMNnH9DVAF-pAvwpPv5B6Hxk0sOKS4yZqjHtLFc3aumhlWgEi7JXa54anvrXGfFda_ocd4Zt7RXHMHkH2-3g-knnG4VUFvMjrmQ0nibEmLctvidsNTLD9CJervz5Y-coiX4ggeIGZFeh3um7njr5l5gdUpTTNMe0xmhl3QPmWzfEGJ3Ze8fllzi/wp/0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Protocol

Server

2600:1f18:2352:af00:5a8a:80f:f486:e034 Ashburn, United States, ASN (),

Reverse DNS

Software

ATS /

Resource Hash

33f682843dc5367f9516e1d4342c51ceb651be04f29ec703e3f3da62bdf1bd74

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
content-length: 3537
date: Thu, 14 Nov 2024 09:50:21 GMT
content-type: text/javascript
server: ATS
x-frame-options: DENY

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Location: https://pn.ybp.yahoo.com/ab/secure/true/imp/KhDyZh2IHO8RYSjZcpbiMMcAyAeOzSSLRBXbGZpW95U3YchWHBR1yWLJwCUzjKuFaYn_OcQs17FYRjqrfnDL0gzj7BIiqywb_QgDYAmZCmuUydrbR8qf6bt8JQqDu-A0u8ranlX0WH18mZA3hP1qJ9_IsKdaXV05MwJV850gAvkjk872m6DNQ9PubAzj3dxFZRmGhquVoxt265jdTjVrKH1uaCcNjK7eNewu5N11q9Rp1SOg2RHtDgCMu7Ebt7s0E2yY_5ex4b5Inz9C_rJKJyZl7jgEY7SkuvsDy_MEEtnemwDoe_aGoEfvLbiQA6qb-vMiLhl451E0-dYPQzdICZuOHwDVSu8Hj51Ba3S8D0L8dbNoO9IbGyAI6_8cLPvM3Be3fOKaw5bElZX_M_WgKBTXIkm8ZpZZMh7zZGBKOwoDn9i-NK_D4jF9ZUUVB3ArXokEXMIzAZaA-mTKv0hCoKyA2cV1yLsIga5WtMB_ad4YvdwpzJRdQuecVC8rHHuhPtacuGoqAggr5p9WntP8hhPALSZBuJ9oa8unpmEijh-IVTQoc95Rb6q4sDaEJRGxSlwN6sBWuO2bomf9RamCEDYbZGHIHCKZKJQd6DOXfezue4Km39E9bPyz8aqO02vRCk66AsAyu_hBC9eBEDejJK5KvelbApnGn--hIIBbSpDyVlM9Xq252f-N6Yydfwq8ZcuqZ-oUUsG9V4Nn2GGCMPh-zJ6rLY2QM97CqL7LS-QJ04DgQYm3d_2ST4AgPfZLgb-TCWbPYEg7tXdTB4TY5SwGoSVvebDflfPHx43FywRJnwmHjbaAfrhVctn0iaYvdqlI7NosbeihR_bXLRgjEOr4mF0oTy052bLAM3JBcZQwK8j6Ms6_Wr8rlBu5fOpi58SNZb3AN-XtYiMJFFk9zhiQcnQPKacYxupkgc-jTDxxE2RDSbqIdz-bPagwNgZys2L0zqw_gXY02l3Rxy0PO4CA0PUTRs6zQlwZzWIzMbuGf-ODdkm44rwd9HdHrtH2XR7EX__t2ErDoS0bmydeIj-cGWHCL-li2kpvrjZIaRdKoSDHK57e20IS7eXHbO5CNkbFO5cFrH-721En2efzvmFqg6KS90q6Ezr6U0PxxnYwdxrJGXNwgkdbFojYgZwagKYxTN_NYrWxhRTeGIKui3GxukCmfB8dnsWPkwgC2MMATCJ_kh7QyiBreHasLS8o3xd7lXGMWE6OM-Rdrnn2HQvyfhXdixoXmn_RK_y36fAm9OwfLXYj6zh-IlMa-BTBuBTLoqHFLib8VT7Lhs1TRrtSHLnRF9ycrqUIADnZ_usJ5XorIluv_dzuadNGhkPtUuw8vx-58viXs-ukp3mcnMF0Cu5YazZz5hRn55v80zU0C_wwc7tU-oRWVcMWIx2uvNfnoazPPzK9bWI96DTJEMAakUaOsO5LkxEk5kTZIdIBdCgb565_zd88M8SxEKHvc8Xn2UVWIo5wQQBcY0q7sT7mWUDkv8vyBtu3-Iw7a35QlM9ghtelUOLLmAm2CXComn57kmKYTaMNnH9DVAF-pAvwpPv5B6Hxk0sOKS4yZqjHtLFc3aumhlWgEi7JXa54anvrXGfFda_ocd4Zt7RXHMHkH2-3g-knnG4VUFvMjrmQ0nibEmLctvidsNTLD9CJervz5Y-coiX4ggeIGZFeh3um7njr5l5gdUpTTNMe0xmhl3QPmWzfEGJ3Ze8fllzi/wp/0
Content-Length: 0
Date: Thu, 14 Nov 2024 09:50:21 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
Connection: keep-alive

GET
H2

200

/
onetag-sys.com/match/ Frame 0913
Redirect Chain

https://us-west-sync.bidswitch.net/sync?ssp=onetag&dsp_id=74&imp=1
https://us-west-sync.bidswitch.net/ul_cb/sync?ssp=onetag&dsp_id=74&imp=1
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=15b72c43-72c2-4a00-b3de-a6c7a5c54efa&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-_Oo3ziNE2pkYq_8fgO18nRW17hm4MVBcgiEjSQ--~A&expires=5&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=15b72c43-72c2-4a00-b3de-a6c7a5c54efa&gdpr=&gdpr_consent=&us_privacy=

0
200 B

70ms
70ms

Image
text/plain

51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=15b72c43-72c2-4a00-b3de-a6c7a5c54efa&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Protocol

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: //onetag-sys.com/match/?int_id=30&uid=15b72c43-72c2-4a00-b3de-a6c7a5c54efa&gdpr=&gdpr_consent=&us_privacy=
content-length: 0
alt-svc: h3=":443"; ma=2592000
date: Thu, 14 Nov 2024 09:50:22 GMT

POST
H2 200 / Show response
onetag-sys.com/analytics/ 0
230 B 70ms
69ms XHR
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/analytics/

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
access-control-allow-origin: https://onetag-sys.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 70ms
69ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=1&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 71ms
71ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=287&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0913 19 KB
9 KB 208ms
62ms Script
text/javascript 2607:f8b0:4006:823::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

646de26aca05b66f1af42326f476fa9e9fd0fe1ae0e6b84c8df43a371fff71ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

content-encoding: gzip
age: 1503
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 10:25:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 09:25:19 GMT
last-modified: Wed, 25 Sep 2024 14:24:55 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges: bytes
content-length: 8436
x-xss-protection: 0
server: sffe

GET
H2 200 inside.js Show response
cdn.js7k.com/rq/iv/ Frame 0913 42 KB
14 KB 206ms
64ms Script
application/javascript 2001:4998:14:800::1000

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/rq/iv/inside.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN (),

Reverse DNS

Software

ATS /

Resource Hash

fcae3267e690d85cb030639af8ae7947524d0f3fb4e50ae62129159668d86d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

content-encoding: gzip
etag: "418f41ec8d6561c252dd0825965a718f-df"
age: 116
date: Thu, 14 Nov 2024 09:48:27 GMT
last-modified: Tue, 10 Sep 2024 15:09:48 GMT
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-amz-id-2: kAsoNx1y7iGKQe/yM8LBDwjVs8kx/JkaOhNB9+ZAiwfuFV7wCfLCjL1h+hsEm8i0Ijkondjww4boMlQXChc4zICLJjQcdT6SYie35DO7bJs=
strict-transport-security: max-age=31536000
cache-control: public,max-age=14400
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: C0VT8D1R9J3010ZH
accept-ranges: bytes
content-length: 14397
server: ATS
x-amz-server-side-encryption: AES256

GET
H2 200 adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 0913 565 B
933 B 204ms
63ms Image
image/png 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

etag: "349bad1100a940608cb9109eb2b166a2"
x-amz-version-id: null
age: 3822
date: Thu, 14 Nov 2024 08:46:41 GMT
last-modified: Wed, 22 Jul 2020 18:15:42 GMT
vary: Origin
content-type: image/png
x-amz-id-2: 2O6tqgtEsaLnwZ/rQdHY/PxUrUHNIWZmddr1XwtZaik7sbm48GyWOXPsB8kZPmqolBkzyhsyYts=
strict-transport-security: max-age=31536000
cache-control: max-age=15552000, public
ats-carp-promotion: 1, 1
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: 074MFXD8PE9AJBEW
accept-ranges: bytes
content-length: 565
server: ATS
x-amz-server-side-encryption: AES256

GET
H2 200 impl_v102.js Show response
www.googletagservices.com/dcm/ Frame 0913 64 KB
25 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:823::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v102.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ed2a473cfa3c4774bf40ecd7bf40b712194e6fb12bfe8da6be047d867a7baa61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

content-encoding: gzip
age: 8702
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 07:25:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:25:20 GMT
last-modified: Mon, 23 Sep 2024 13:13:16 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges: bytes
content-length: 25384
x-xss-protection: 0
server: sffe

GET
H3 200 B32598314.405511791;dc_ver=102.299;sz=320x50;u_sd=1;gdpr=0;nel=1;dc_adk=816616757;ord=phx03k;click=https%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2FhuwhmibXwOjjiAtfjuzWCOFsu4HjR7Cy2YTVHRjdzGcIWx2Oqz7E8_R...
ad.doubleclick.net/ddm/adi/N1189728.3624834DISPLAYVERIZONME/ Frame C96B 0
0 193ms
104ms Document
text/html 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1189728.3624834DISPLAYVERIZONME/B32598314.405511791;dc_ver=102.299;sz=320x50;u_sd=1;gdpr=0;nel=1;dc_adk=816616757;ord=phx03k;click=https%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2FhuwhmibXwOjjiAtfjuzWCOFsu4HjR7Cy2YTVHRjdzGcIWx2Oqz7E8_RxNlvUaaj8UU01uz6dEF_h470rFmjsFRT_31bCXMaG1FhRYzsfPXg9nORzcuZEvusv6yDmCHIs0K562Dn7IyEt441SzIsFStNW1nqRZiX1pBiFafGZTHgoc1QKoEqGW7Vb0H-VP9HKHv-iGVIeovz6RBkHBRl7mEeYwLLI3qgtGG5LryXkMiZILdZSVIp-D8P9PSbi4PDTzmeNQlxFjdsXki3g2Lxl8mgCYZlgSMiI61Fl2wViwds%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fonetag-sys.com%2Finvocation%2F%3Fkey%3Dfb8f193b-6355-4d92-bacc-63c545f77394%26ad_type%3Dbanner$0;xdt=0;crlt=ciCajQxnH.;gcsr=m;stc=1;chaa=1;sttr=103;prcl=s

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb/blocking_script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onetag-sys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 32259
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 09:50:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/854585/68926917/ Frame 0913 62 KB
15 KB 202ms
65ms Script
application/javascript 54.204.151.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/854585/68926917/skeleton.js?bundleId=shopgoodwill.com&ias_dspID=30&ias_campId=753757&ias_pubId=183&ias_chanId=3394657&ias_placementId=0&ias_creativeId=7458421&bidurl=https%3A%2F%2Fonetag-sys.com%2Finvocation%2F%3Fkey%3Dfb8f193b-6355-4d92-bacc-63c545f77394%26ad_type%3Dbanner&adsafe_par&ias_impId=v4~~1028369271442917371:1731576874457
Requested by: Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.204.151.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-151-184.compute-1.amazonaws.com
Software: /
Resource Hash: 96dcb58c5798ee7b43bfed8d6579a01d608edc26d409f9ce844927900939939b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

cache-control: no-cache
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin: pixel.adsafeprotected.com
date: Thu, 14 Nov 2024 09:50:22 GMT
content-type: application/javascript;charset=utf-8
vary: accept-encoding

GET
H2 200 main.19.8.553.js Show response
static.adsafeprotected.com/ Frame 0913 240 KB
73 KB 218ms
70ms Script
application/javascript 2600:9000:247b:6000:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.553.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb/blocking_script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:6000:8:48e:53c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6500b45201c0146d2abc484c9bf09d6dfdb8b7a396862781ad9a5dc14d930553

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

content-encoding: gzip
x-amz-version-id: 6XBJxLF8W2lXJOh0BI1NsN1G3o14kpBc
etag: W/"193bc7f5bbf8ccd294f4a75753e909dd"
age: 4708
x-cache: Hit from cloudfront
x-amz-cf-id: YwW2DemZ2ZpPd6_8gqjeDBCnfaFOMbx8VAnPQv2Z-MX5XWMqkyHZGQ==
date: Thu, 14 Nov 2024 08:31:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 21:39:57 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 edcde1a12cafce029607be0b1782d4aa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 0913
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/854585/68926917/skeleton.js?bundleId=shopgoodwill.com&ias_dspID=30&ias_campId=753757&ias_pubId=183&ias_chanId=3394657&ias_placementId=0&ias_creativeId=74584...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

64ms
64ms

Script
application/javascript

2600:9000:247b:6000:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner
Protocol: H2
Server: 2600:9000:247b:6000:8:48e:53c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
age: 4708
x-cache: Hit from cloudfront
x-amz-cf-id: 8o7rqtCMxhCamWRuXZzZJZHcOeKkODBFARkXkUVWYRj4LNJS46CWYg==
date: Thu, 14 Nov 2024 08:31:55 GMT
content-type: application/javascript
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 edcde1a12cafce029607be0b1782d4aa.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 17
x-amz-cf-pop: JFK52-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: no-cache
location: https://static.adsafeprotected.com/skeleton.js
content-length: 0
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Thu, 14 Nov 2024 09:50:22 GMT
pragma: no-cache
server: Apache-Coyote/1.1

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame 2BDD 91 KB
23 KB 71ms
70ms Script
application/javascript 2600:9000:247b:6000:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/iponweb/blocking_script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:6000:8:48e:53c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

content-encoding: gzip
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
age: 4708
x-cache: Hit from cloudfront
x-amz-cf-id: -bc3BRBYJpCkcBkZ4t5DI7FmOl3XcOTYIMgTY9XoOeG3iXDAM5Iw_A==
date: Thu, 14 Nov 2024 08:31:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 edcde1a12cafce029607be0b1782d4aa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 195ms
58ms Image
image/gif 2600:1f18:1aca:4281:9ddd:9315:d895:4390

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=82403e8a-653a-afd5-1cfb-e679c1976e6b&tv=%7Bc:tZmIuL,pingTime:-2,time:374,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1368,beZ:1370,mfA:1683,cmA:1685,inA:1686,inZ:1690,prA:1691,prZ:1694,si:1704,poA:1706,poZ:1726,cmZ:1726,mfZ:1726,loA:1733,loZ:1737,ltA:1741,ltZ:1741,mdA:1371,mdZ:1665%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:320.100,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:100,t:335%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:374,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:334,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B55~0%5D,as:%5B55~320.100%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:uu5S4QB+11*.854585-68926917%7C1111%7C1112,idMap:11*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:336,slid:%5Bfa7d6f21-b9a4-4780-b5ea-cad1faefeea7%5D,msd:0,ph:1200,sinceFw:35,readyFired:true%7D&br=c
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4281:9ddd:9315:d895:4390 Ashburn, United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Thu, 14 Nov 2024 09:50:23 GMT
content-type: image/gif
server: nginx
x-server-name: dt52.va.303net.net

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 59ms
59ms Image
image/gif 2600:1f18:1aca:4281:9ddd:9315:d895:4390

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=82403e8a-653a-afd5-1cfb-e679c1976e6b&tv=%7Bc:tZmIx3,time:516,type:e,sca:%7Beng:b,tss:%7Blts:2024-11-1323.50.22,tzo:600,tzn:Pacific/Honolulu%7D,exr:%7Bexs:objectExternal%7D,mob:%7Bori:0,ges:0,tch:0%7D,prp:%7Bnot:1,csi:1,msl:0,hdl:1,aps:0,hae:1,ito:1,sec:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:517,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:334,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B198~0%5D,as:%5B198~320.100%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:uu5S4QB+11*.854585-68926917%7C1111%7C1112,idMap:11*,rmeas:1,rend:0,renddet:na,siq:336,msd:0,ph:1200,sis:481%7D&br=c
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4281:9ddd:9315:d895:4390 Ashburn, United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Thu, 14 Nov 2024 09:50:23 GMT
content-type: image/gif
server: nginx
x-server-name: dt53.va.303net.net

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 71ms
70ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=657&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 59ms
59ms Image
image/gif 2600:1f18:1aca:4281:9ddd:9315:d895:4390

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=82403e8a-653a-afd5-1cfb-e679c1976e6b&tv=%7Bc:tZmIAk,pingTime:-10,time:719,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8NjAwfHxNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzAuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1731577823228%7C%7Cac38fc18dca231f90c99454305217d31%7C%7Ce70c069864ec1ceef7523c2cc9b41fcd%7C%7Cd8e9280de52664fe6f4d119f2d480aa1%7C%7Cc0b671d303242bd9318b50f0b8d42367%7C%7Cc65a093ae36fd6df78e29ea15b8809c6%7C%7C8f63aec3a84dc7f8649d9a9f7091f6f0%7C%7C16cbf96f51815e8c339ba150a9bf53b9%7C%7C1715618633,im:%7Bpci:%7Btdr:344%7D%7D%7D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4281:9ddd:9315:d895:4390 Ashburn, United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Thu, 14 Nov 2024 09:50:23 GMT
content-type: image/gif
server: nginx
x-server-name: dt22.va.303net.net

GET
H2 404 favicon.ico
onetag-sys.com/ 923 B
762 B 70ms
69ms Other
text/html 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

8636b148f7f30b577172d0bea8065e399cad8c51e01ac50e275272d184c2b74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
cache-control: public, max-age=1800, stale-while-revalidate=43200
content-encoding: gzip
etag: "17decccd4e741df9cb47c172277e8261-gz"
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 515
content-type: text/html
last-modified: Tue, 12 Nov 2024 09:27:38 GMT
vary: accept-encoding

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 66ms
65ms Image
image/gif 2600:1f18:1aca:4281:9ddd:9315:d895:4390

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=82403e8a-653a-afd5-1cfb-e679c1976e6b&tv=%7Bc:tZmIMC,pingTime:0,time:1481,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:100,t:335%7D,%7Bpiv:100,vs:i,r:,t:1481%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1481,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:334,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1162~0,0~100%5D,as:%5B1162~320.100%5D%7D%7D,%7Bsl:i,t:1481,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1162~0,0~100%5D,as:%5B1162~320.100%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:63,fm:uu5S4QB+11*.854585-68926917%7C1111%7C1112,idMap:11*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:336,msd:0,ph:1200,sis:481%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4281:9ddd:9315:d895:4390 Ashburn, United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Thu, 14 Nov 2024 09:50:24 GMT
content-type: image/gif
server: nginx
x-server-name: dt01.va.303net.net

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 74ms
72ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=6&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 70ms
69ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=601&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 73ms
72ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=671&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 72ms
71ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=638&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 60ms
60ms Image
image/gif 2600:1f18:1aca:4281:9ddd:9315:d895:4390

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=82403e8a-653a-afd5-1cfb-e679c1976e6b&tv=%7Bc:tZmJ2L,pingTime:1,time:2482,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:100,t:335%7D,%7Bpiv:100,vs:i,r:,t:1481%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:1481,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:334,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1162~0,1~100%5D,as:%5B1163~320.100%5D%7D%7D,%7Bsl:i,t:1481,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~320.100%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:69,fm:uu5S4QB+11*.854585-68926917%7C1111%7C1112,idMap:11*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:336,msd:0,ph:1200,sis:481%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4281:9ddd:9315:d895:4390 Ashburn, United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Thu, 14 Nov 2024 09:50:25 GMT
content-type: image/gif
server: nginx
x-server-name: dt21.va.303net.net

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 61ms
60ms Image
image/gif 2600:1f18:1aca:4281:9ddd:9315:d895:4390

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=82403e8a-653a-afd5-1cfb-e679c1976e6b&tv=%7Bc:tZmJ2M,pingTime:1,time:2483,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:100,t:335%7D,%7Bpiv:100,vs:i,r:,t:1481%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1481,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:334,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1162~0,1~100%5D,as:%5B1163~320.100%5D%7D%7D,%7Bsl:i,t:1481,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~320.100%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:69,fm:uu5S4QB+11*.854585-68926917%7C1111%7C1112,idMap:11*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:336,msd:0,ph:1200,sis:481,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4281:9ddd:9315:d895:4390 Ashburn, United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Thu, 14 Nov 2024 09:50:25 GMT
content-type: image/gif
server: nginx
x-server-name: dt23.va.303net.net

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 72ms
72ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=672&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 70ms
69ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=673&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 / Show response
onetag-sys.com/analytics/ 0
230 B 70ms
69ms XHR
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/analytics/

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
access-control-allow-origin: https://onetag-sys.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 71ms
71ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=674&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 71ms
70ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=569&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 71ms
69ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=675&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 58ms
57ms Image
image/gif 2600:1f18:1aca:4281:9ddd:9315:d895:4390

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=854585&asId=82403e8a-653a-afd5-1cfb-e679c1976e6b&tv=%7Bc:tZmK5h,pingTime:5,time:6482,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:100,t:335%7D,%7Bpiv:100,vs:i,r:,t:1481%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:1481,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:334,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1162~0,1~100%5D,as:%5B1163~320.100%5D%7D%7D,%7Bsl:i,t:1481,wc:650.650.1600.1200,ac:658.658.320.100,am:i,cc:658.658.320.100,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5001~320.100%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:64,fm:uu5S4QB+11*.854585-68926917%7C1111%7C1112,idMap:11*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:336,msd:0,ph:1200,sis:481%7D&br=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:1aca:4281:9ddd:9315:d895:4390 Ashburn, United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Thu, 14 Nov 2024 09:50:29 GMT
content-type: image/gif
server: nginx
x-server-name: dt18.va.303net.net

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 69ms
69ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=676&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 70ms
70ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=677&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 71ms
71ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=678&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 / Show response
onetag-sys.com/analytics/ 0
230 B 72ms
68ms XHR
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/analytics/

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
access-control-allow-origin: https://onetag-sys.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 70ms
70ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=464&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 71ms
70ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=679&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 204 ping
onetag-sys.com/v2/ 0
77 B 72ms
71ms Image
text/plain 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/v2/ping?data=7gogGPAi_vbukOj-a7m3H3soiKa96ndzbgXGcVss77ROm7nkbPE19GA_zJf8YZ-ussMRxrkv-sn6Jk2nLq-TX0vI9jBPDW5I5CIBregRP-SN8W6D9KC5M5dH_V88GnmY9smdy6tmJqAjpWxv3BSws4uMaak5AVjq-Ry5Ca1PLA4r9Bz__v0kBsw2B5yp5r5WFQv2fzdGbiHYmBXpFLWFYPCozxxcwl18g9XuL6XLU4zOca3e499bpzj04xWObFqRhTFIbw3ntdJA1OTX23NxR8Ab0N3WNfhlHv3JrolZeqb-9bXwAFrmuweN3XoFlzco0Qj2PK9smrUmH1G5pmcYMFQ5xL9jbXcCrZHEKByMLKpta8OB2KhPZ4FIsqnS7VRZyRDLDW2nYXhtrDWK0aVLQAE9ekT4Lx5TeHLNieA9yD2MfPgmmM8dBRM1TGWwm5i1s7Gb7qZytzfNumaQoi7Hb3IPU9btXMNuTNDV9NNKLhOGZyyk5DO714twPRW48d0sLPtJLtPXIeQy6_P3KJv5FZo3Qc7_5JkWFKSSaIALNeo0_KAYUqC-lNth46TfgeXB5WAA4wubyb1sWx4Ify4G97wEbE-N73UPGnVT2jU_JVB4Mn3i1UC8CPE6JOU4pV2_G4hqT75LjhiRGgShWpeQ5jhj0DjayvT_zDN6fxVkL5U&event=680&price=&currency=&seat=&adomain=&size=&ssp_price=&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://onetag-sys.com/invocation/?key=fb8f193b-6355-4d92-bacc-63c545f77394&ad_type=banner

Response headers

strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onetag object| googDdmPs

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bidswitch.net/	1970-01-21 09:45:13	Name: c Value: 1731577821
.bidswitch.net/	1970-01-21 09:45:13	Name: tuuid_lu Value: 1731577821
.bidswitch.net/	1970-01-21 09:45:13	Name: tuuid Value: 15b72c43-72c2-4a00-b3de-a6c7a5c54efa
.yahoo.com/	1970-01-21 09:45:35	Name: A3 Value: d=AQABBN3HNWcCEAn-q3-Z8OWzdjPWgtIn7w4FEgEBAQEZN2c_ZwAAAAAA_eMAAA&S=AQAAAg0kSBiBcI0Wqdg3wzRR8qM
.doubleclick.net/	1970-01-21 05:18:49	Name: APC Value: AfxxVi6bVJU3pQXvVWP2Qj9iB759rtxHg6AStc-M5Hi0GcnFuPxEOw
.doubleclick.net/	1970-01-21 05:18:49	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 10:35:37	Name: IDE Value: AHWqTUmp-y5iMjDY3sZcShz6C83hypQmiYqjQ7tGcULlRZ4fRYxtnqxYSWKTd9OReUk
.doubleclick.net/	1970-01-21 01:42:49	Name: ar_debug Value: 1
.quantserve.com/	1970-01-21 10:29:52	Name: mc Value: 6735c7de-997d5-851b3-3c1b3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://onetag-sys.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.js7k.com
dt.adsafeprotected.com
ghent-gce-or.bidswitch.net
onetag-sys.com
pixel.adsafeprotected.com
pn.ybp.yahoo.com
pr-bh.ybp.yahoo.com
s.yimg.com
static.adsafeprotected.com
tagan.adlightning.com
us-west-sync.bidswitch.net
www.googletagservices.com
x.bidswitch.net
142.250.65.198
2001:4998:14:800::1000
2001:4998:14:800::1001
2600:1f18:1aca:4281:9ddd:9315:d895:4390
2600:1f18:2352:af00:5a8a:80f:f486:e034
2600:1f18:4e9:5a01:45cd:c37:f63e:2835
2600:9000:247b:6000:8:48e:53c0:93a1
2607:f8b0:4006:823::2002
3.171.139.27
35.211.202.130
35.212.160.220
35.212.198.217
51.222.39.185
54.204.151.184
1b2e774a4a9eb2e43f0e8910af06a8788f136b51debe44e413bafc202fd03b79
33f682843dc5367f9516e1d4342c51ceb651be04f29ec703e3f3da62bdf1bd74
6134e9f44cd31ed59d65a3a806438733a173c24f46d4f6149e2fcf16e93574fc
646de26aca05b66f1af42326f476fa9e9fd0fe1ae0e6b84c8df43a371fff71ab
6500b45201c0146d2abc484c9bf09d6dfdb8b7a396862781ad9a5dc14d930553
8636b148f7f30b577172d0bea8065e399cad8c51e01ac50e275272d184c2b74b
96dcb58c5798ee7b43bfed8d6579a01d608edc26d409f9ce844927900939939b
a45718752cf23a8cab8534f6d1e4a67f2b26d37ceb46dfa2476c134355ffb058
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
e168d6e1fb8e4b40d2f2415af79eaa0afc3cb6632cc13448cea6d95f091b99c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed2a473cfa3c4774bf40ecd7bf40b712194e6fb12bfe8da6be047d867a7baa61
fcae3267e690d85cb030639af8ae7947524d0f3fb4e50ae62129159668d86d0d

onetag-sys.com Open in urlscan Pro 51.222.39.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

44 Requests

93 %HTTPS

50 %IPv6

9 Domains

14 Subdomains

10 IPs

2 Countries

298 kBTransfer

891 kBSize

9 Cookies

1 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onetag-sys.com Open in urlscan Pro
51.222.39.185 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

93 %
HTTPS

50 %
IPv6

9
Domains

14
Subdomains

10
IPs

2
Countries

298 kB
Transfer

891 kB
Size

9
Cookies

44 HTTP transactions
0 data transactions