urlscan.io logo urlscan.io
SecurityTrails logo

www.yourmoneymagic.com Open in urlscan Pro
151.139.128.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.yourmoneymagic.com/
Effective URL: https://www.yourmoneymagic.com/
Submission: On August 20 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 10 countries across 79 domains to perform 311 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is www.yourmoneymagic.com.
TLS certificate: Issued by R3 on August 13th 2021. Valid for: 3 months.
This is the only time www.yourmoneymagic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51 151.139.128.11 20446 (HIGHWINDS3)
1 2600:9000:20e... 16509 (AMAZON-02)
3 2600:9000:20e... 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 142.250.184.226 15169 (GOOGLE)
5 13.224.186.4 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 13.224.96.37 16509 (AMAZON-02)
1 151.101.13.44 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2.18.234.190 16625 (AKAMAI-AS)
2 2a04:4e42:54::84 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
6 34.95.123.0 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 70.42.32.159 22075 (AS-OUTBRAIN)
2 13.225.87.13 16509 (AMAZON-02)
1 18.192.135.64 16509 (AMAZON-02)
1 34.254.8.42 16509 (AMAZON-02)
8 12 185.33.220.243 29990 (ASN-APPNEX)
2 13.224.196.58 16509 (AMAZON-02)
2 18.156.195.47 16509 (AMAZON-02)
1 18.196.0.40 16509 (AMAZON-02)
1 2.18.232.7 16625 (AKAMAI-AS)
3 13 35.244.159.8 15169 (GOOGLE)
2 35.157.32.122 16509 (AMAZON-02)
1 184.31.84.150 16625 (AKAMAI-AS)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.75.88.209 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 15 52.95.124.170 16509 (AMAZON-02)
4 4 213.19.147.44 26120 (RHYTHMONE)
8 14 13.248.242.197 16509 (AMAZON-02)
1 2 213.19.147.45 26120 (RHYTHMONE)
21 34.251.173.19 16509 (AMAZON-02)
1 1 13.224.96.44 16509 (AMAZON-02)
2 18.195.155.181 16509 (AMAZON-02)
5 21 2.18.234.21 16625 (AKAMAI-AS)
1 1 162.55.6.213 24940 (HETZNER-AS)
1 1 88.214.206.142 46636 (NATCOWEB)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 2001:678:cb4:... 56396 (TURN)
1 2600:9000:21f... 16509 (AMAZON-02)
1 1 3.126.56.137 16509 (AMAZON-02)
1 2 72.251.249.13 29791 (VOXEL-DOT...)
4 9 76.223.111.18 16509 (AMAZON-02)
3 3 2620:116:800d... 16509 (AMAZON-02)
6 7 37.157.6.241 198622 (ADFORM)
15 22 142.250.185.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 5 52.46.133.124 16509 (AMAZON-02)
2 2 51.178.20.140 16276 (OVH)
2 169.197.150.7 398989 (DEEPINTENT)
2 2 3.127.92.82 16509 (AMAZON-02)
2 2 185.33.221.90 29990 (ASN-APPNEX)
7 8 3.69.101.201 16509 (AMAZON-02)
2 2 52.17.151.21 16509 (AMAZON-02)
1 1 54.209.16.83 14618 (AMAZON-AES)
2 2 64.202.112.95 23352 (SERVERCEN...)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 1 64.202.112.191 22075 (AS-OUTBRAIN)
3 4 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 34.232.92.67 14618 (AMAZON-AES)
1 129.159.70.95 31898 (ORACLE-BM...)
2 2 52.57.88.239 16509 (AMAZON-02)
1 1 185.86.137.122 201081 (SMARTADSE...)
2 2.18.233.180 16625 (AKAMAI-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
4 4 185.29.134.248 30419 (MEDIAMATH...)
3 4 151.101.14.49 54113 (FASTLY)
1 67.202.110.24 32748 (STEADFAST)
1 1 124.146.215.47 2514 (INFOSPHER...)
2 2 193.0.160.129 54312 (ROCKETFUEL)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
5 72.251.249.14 29791 (VOXEL-DOT...)
1 1 18.214.172.53 14618 (AMAZON-AES)
1 1 69.173.144.165 26667 (RUBICONPR...)
12 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.66 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 5 69.173.144.139 26667 (RUBICONPR...)
1 3 69.173.144.138 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 151.101.13.108 54113 (FASTLY)
2 2 18.159.8.206 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 35.205.207.25 15169 (GOOGLE)
1 1 34.224.231.148 14618 (AMAZON-AES)
1 72.251.241.204 29791 (VOXEL-DOT...)
1 185.64.189.115 62713 (AS-PUBMATIC)
2 2 213.155.156.180 1299 (TELIANET ...)
4 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 1 146.59.148.16 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 159.253.128.183 36351 (SOFTLAYER)
3 185.64.189.110 62713 (AS-PUBMATIC)
2 172.217.18.98 15169 (GOOGLE)
311 84
51    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
www.yourmoneymagic.com
images.yourmoneymagic.com
1    2600:9000:20eb:cc00:9:dc53:cc00:93a1 (United States)

ASN16509 (AMAZON-02, US)
ccpa.privacymanager.io
3    2600:9000:20eb:9000:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-wrapper.privacymanager.io
1    2600:9000:20eb:2800:3:f9b0:4040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ccpa-wrapper.privacymanager.io
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
5    13.224.186.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-4.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:2190:c00:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr.privacymanager.io
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    13.224.96.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-37.zrh50.r.cloudfront.net
geo.privacymanager.io
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
4    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
2    2a04:4e42:54::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    34.95.123.0 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 0.123.95.34.bc.googleusercontent.com
trk.decido.io
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
2    13.225.87.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-13.fra2.r.cloudfront.net
dau-prod.launch.liveramp.com
1    18.192.135.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    34.254.8.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
12    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    13.224.196.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-58.fra2.r.cloudfront.net
gdpr-web-dau-prod.privacymanager.io
2    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    18.196.0.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-0-40.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
13    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
decido-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
2    35.157.32.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-32-122.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
10    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
15    52.95.124.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
14    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
21    34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    13.224.96.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-44.zrh50.r.cloudfront.net
s.ad.smaato.net
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
21    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
js-sec.indexww.com
dsum.casalemedia.com
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de
csync.loopme.me
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    2600:9000:21f3:6c00:0:70b1:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync-amz.ads.yieldmo.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
9    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
7    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
22    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
15    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    3.127.92.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-92-82.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
8    3.69.101.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-101-201.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.17.151.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
ads.avct.cloud
1    54.209.16.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-16-83.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
4    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    34.232.92.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-92-67.compute-1.amazonaws.com
sync.ipredictive.com
1    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    52.57.88.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-88-239.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    67.202.110.24 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-110.static.steadfastdns.net
ssc-cms.33across.com
1    124.146.215.47 (Minato-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
5    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    18.214.172.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-172-53.compute-1.amazonaws.com
jadserve.postrelease.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
12    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    18.159.8.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-8-206.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
1    34.224.231.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-231-148.compute-1.amazonaws.com
sync.extend.tv
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.180 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
51 yourmoneymagic.com
www.yourmoneymagic.com
images.yourmoneymagic.com
2 MB
33 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
208 KB
29 googlesyndication.com
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
198 KB
25 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
50 KB
21 gumgum.com
rtb.gumgum.com
6 KB
20 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
22 KB
15 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
28 KB
14 adsrvr.org
match.adsrvr.org
5 KB
13 openx.net
decido-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
3 KB
12 2mdn.net
s0.2mdn.net
166 KB
12 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel-eu.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
17 KB
12 privacymanager.io
ccpa.privacymanager.io
gdpr-wrapper.privacymanager.io
ccpa-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
gdpr-web-dau-prod.privacymanager.io
215 KB
11 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
25 KB
10 3lift.com
tlx.3lift.com
eb2.3lift.com
4 KB
9 bidswitch.net
grid.bidswitch.net
x.bidswitch.net
3 KB
8 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
5 KB
7 adform.net
c1.adform.net
3 KB
7 lijit.com
ap.lijit.com
ce.lijit.com
8 KB
7 gstatic.com
fonts.gstatic.com
119 KB
6 decido.io
trk.decido.io
576 B
5 google.com
www.google.com
adservice.google.com
1 KB
5 fontawesome.com
use.fontawesome.com
189 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 1rx.io
sync.1rx.io
2 KB
4 facebook.com
www.facebook.com
563 B
4 outbrain.com
amplify.outbrain.com
tr.outbrain.com
sync.outbrain.com
5 KB
4 facebook.net
connect.facebook.net
174 KB
3 googletagservices.com
www.googletagservices.com
102 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 pinterest.com
ct.pinterest.com
1 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
893 B
2 de17a.com
d5p.de17a.com
637 B
2 avads.net
ads.avads.net
555 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 cloudflare.com
cdnjs.cloudflare.com
41 KB
2 creativecdn.com
creativecdn.com
695 B
2 rfihub.com
p.rfihub.com
1 KB
2 360yield.com
ad.360yield.com
617 B
2 contextweb.com
bh.contextweb.com
1 KB
2 zemanta.com
b1sync.zemanta.com
582 B
2 avct.cloud
ads.avct.cloud
892 B
2 w55c.net
pm.w55c.net
2 KB
2 deepintent.com
match.deepintent.com
60 B
2 dyntrk.com
gu.dyntrk.com
1 KB
2 turn.com
ad.turn.com
843 B
2 emxdgt.com
cs.emxdgt.com
22 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
864 B
2 sharethrough.com
btlr.sharethrough.com
237 B
2 yieldmo.com
ads.yieldmo.com
sync-amz.ads.yieldmo.com
712 B
2 liveramp.com
dau-prod.launch.liveramp.com
471 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 pinimg.com
s.pinimg.com
18 KB
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
15 KB
1 simpli.fi
um.simpli.fi
611 B
1 onaudience.com
pixel.onaudience.com
400 B
1 criteo.com
dis.criteo.com
338 B
1 adgrx.com
cm.adgrx.com
408 B
1 extend.tv
sync.extend.tv
546 B
1 bing.com
c.bing.com
466 B
1 rlcdn.com
id.rlcdn.com
66 B
1 postrelease.com
jadserve.postrelease.com
543 B
1 socdm.com
tg.socdm.com
826 B
1 33across.com
ssc-cms.33across.com
1 smartadserver.com
ssbsync.smartadserver.com
318 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
618 B
1 dotomi.com
amazon-tam-match.dotomi.com
1 admanmedia.com
cs.admanmedia.com
409 B
1 loopme.me
csync.loopme.me
211 B
1 smaato.net
s.ad.smaato.net
563 B
1 google.ch
adservice.google.ch
853 B
1 google.de
www.google.de
522 B
1 teads.tv
a.teads.tv
368 B
1 onesignal.com
cdn.onesignal.com
3 KB
1 taboola.com
cdn.taboola.com
25 KB
1 googletagmanager.com
www.googletagmanager.com
64 KB
311 79
Domain Requested by
31 www.yourmoneymagic.com 1 redirects www.yourmoneymagic.com
22 cm.g.doubleclick.net 15 redirects u.openx.net
rtb.gumgum.com
googleads.g.doubleclick.net
eu-u.openx.net
eb2.3lift.com
21 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
20 images.yourmoneymagic.com www.yourmoneymagic.com
15 tpc.googlesyndication.com b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
www.yourmoneymagic.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
15 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
rtb.gumgum.com
ap.lijit.com
14 dsum-sec.casalemedia.com 5 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
14 match.adsrvr.org 8 redirects u.openx.net
ssum-sec.casalemedia.com
rtb.gumgum.com
eu-u.openx.net
eb2.3lift.com
12 s0.2mdn.net tpc.googlesyndication.com
www.yourmoneymagic.com
s0.2mdn.net
12 ib.adnxs.com 8 redirects www.yourmoneymagic.com
eb2.3lift.com
acdn.adnxs.com
9 pagead2.googlesyndication.com b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
9 eb2.3lift.com 4 redirects www.yourmoneymagic.com
eb2.3lift.com
8 x.bidswitch.net 7 redirects www.yourmoneymagic.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 fonts.gstatic.com fonts.googleapis.com
6 us-u.openx.net 2 redirects u.openx.net
eu-u.openx.net
6 trk.decido.io www.yourmoneymagic.com
5 token.rubiconproject.com 4 redirects rtb.gumgum.com
5 ce.lijit.com ap.lijit.com
5 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
eb2.3lift.com
5 eu-u.openx.net 1 redirects u.openx.net
www.yourmoneymagic.com
eu-u.openx.net
5 c.amazon-adsystem.com www.yourmoneymagic.com
c.amazon-adsystem.com
5 use.fontawesome.com www.yourmoneymagic.com
use.fontawesome.com
4 image2.pubmatic.com ads.pubmatic.com
4 sync-tm.everesttech.net 3 redirects rtb.gumgum.com
4 sync.mathtag.com 4 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 googleads.g.doubleclick.net b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
www.yourmoneymagic.com
4 ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
4 sync.1rx.io 4 redirects
4 www.google.com 1 redirects www.yourmoneymagic.com
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 www.facebook.com www.yourmoneymagic.com
4 connect.facebook.net www.yourmoneymagic.com
connect.facebook.net
4 geo.privacymanager.io gdpr.privacymanager.io
ccpa.privacymanager.io
4 securepubads.g.doubleclick.net www.yourmoneymagic.com
securepubads.g.doubleclick.net
3 simage2.pubmatic.com ads.pubmatic.com
3 pixel.rubiconproject.com 1 redirects rtb.gumgum.com
3 www.googletagservices.com securepubads.g.doubleclick.net
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
3 pixel.quantserve.com 3 redirects
3 b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 ct.pinterest.com s.pinimg.com
www.yourmoneymagic.com
3 gdpr-wrapper.privacymanager.io www.yourmoneymagic.com
gdpr.privacymanager.io
2 ade.googlesyndication.com
2 d5p.de17a.com 2 redirects
2 ads.avads.net 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 js-sec.indexww.com www.yourmoneymagic.com
ssum-sec.casalemedia.com
2 cdnjs.cloudflare.com s0.2mdn.net
2 googleads4.g.doubleclick.net www.yourmoneymagic.com
2 creativecdn.com 2 redirects
2 p.rfihub.com 2 redirects
2 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
2 ads.pubmatic.com rtb.gumgum.com
ads.pubmatic.com
2 ad.360yield.com 2 redirects
2 bh.contextweb.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 ads.avct.cloud 2 redirects
2 secure.adnxs.com 2 redirects
2 pm.w55c.net 2 redirects
2 match.deepintent.com ssum-sec.casalemedia.com
rtb.gumgum.com
2 gu.dyntrk.com 2 redirects
2 ap.lijit.com 1 redirects aax-eu.amazon-adsystem.com
2 ad.turn.com 2 redirects
2 cs.emxdgt.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
2 sync.targeting.unrulymedia.com 1 redirects rtb.gumgum.com
2 btlr.sharethrough.com www.yourmoneymagic.com
2 c2shb.ssp.yahoo.com www.yourmoneymagic.com
2 gdpr-web-dau-prod.privacymanager.io gdpr.privacymanager.io
2 dau-prod.launch.liveramp.com ccpa.privacymanager.io
2 tr.outbrain.com amplify.outbrain.com
www.yourmoneymagic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 s.pinimg.com www.yourmoneymagic.com
s.pinimg.com
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 acdn.adnxs.com www.yourmoneymagic.com
1 ads.yahoo.com rtb.gumgum.com
1 id.rlcdn.com rtb.gumgum.com
1 pixel-eu.rubiconproject.com 1 redirects
1 jadserve.postrelease.com 1 redirects
1 tg.socdm.com 1 redirects
1 ssc-cms.33across.com rtb.gumgum.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.outbrain.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 sync-amz.ads.yieldmo.com aax-eu.amazon-adsystem.com
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 u.openx.net aax-eu.amazon-adsystem.com
1 cs.admanmedia.com 1 redirects
1 csync.loopme.me 1 redirects
1 s.ad.smaato.net 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.ch securepubads.g.doubleclick.net
1 www.google.de www.yourmoneymagic.com
1 htlb.casalemedia.com www.yourmoneymagic.com
1 decido-d.openx.net www.yourmoneymagic.com
1 a.teads.tv www.yourmoneymagic.com
1 tlx.3lift.com www.yourmoneymagic.com
1 ads.yieldmo.com www.yourmoneymagic.com
1 grid.bidswitch.net www.yourmoneymagic.com
1 stats.g.doubleclick.net www.google-analytics.com
1 amplify.outbrain.com www.yourmoneymagic.com
1 cdn.onesignal.com www.googletagmanager.com
1 cdn.taboola.com www.googletagmanager.com
1 www.googletagmanager.com www.yourmoneymagic.com
1 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
1 fonts.googleapis.com www.yourmoneymagic.com
1 ajax.googleapis.com www.yourmoneymagic.com
1 ccpa-wrapper.privacymanager.io www.yourmoneymagic.com
1 ccpa.privacymanager.io www.yourmoneymagic.com
311 122

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
Subject Issuer Validity Valid
yourmoneymagic.com
R3		 2021-08-13 -
2021-11-11		 3 months crt.sh
*.privacymanager.io
Amazon		 2020-10-24 -
2021-11-23		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
images.yourmoneymagic.com
R3		 2021-07-14 -
2021-10-12		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-27 -
2022-08-05		 a year crt.sh
trk.decido.io
GTS CA 1D4		 2021-06-30 -
2021-09-28		 3 months crt.sh
*.launch.liveramp.com
Amazon		 2020-10-15 -
2021-11-14		 a year crt.sh
grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-15 -
2021-10-23		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-10 -
2022-02-02		 6 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-01-18 -
2022-02-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-16 -
2021-10-06		 2 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh

This page contains 46 frames:

Primary Page: https://www.yourmoneymagic.com/
Frame ID: 9BE61FAF9E1C1D4638377372286B6BAA
Requests: 128 HTTP requests in this frame

Frame: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 50D31608338FB9B771DD9A2A5112263F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Frame ID: E26F5AEE1F350DB48CE98FCD84CF48B1
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 7462174B9818FAF8B742B84077936804
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: C9025F7B27350596D827EAEA832E402B
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: DE505CDFDB68F07870DABC4365CB00E3
Requests: 10 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=b3e55d71-749e-4e9e-942b-4c720f389c78
Frame ID: 3C749F358E87079D5AB99C59CD5ECECC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=128ec410fb40a005b7628f3dcf5f4c012252cf21
Frame ID: CAFC3FF3E901F400E8A20124A100BC79
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 4458768EB91EF50C26276F87933A4211
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=5283497149401273924&ex=districtm
Frame ID: 496985042462142E60E07B1F60FBAC1A
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: AD536C8183D4214714BA65D44A76AD8F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=7480057154891148900
Frame ID: 6F4971A05EAB1F8470E48240B9C5BF1E
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 36F0395F09E1926A17F4209C4ED2D196
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-2KKDSk11l2Nb1Mu5ghJfVA0cL6pKVJA-&
Frame ID: B2ABDC1C650ED2C9C67ECED84AEB6A31
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=7504711043088332144&ex=appnexus.com
Frame ID: A3A59E689B4476A0C4B7137DB59C4320
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: BDE27E4C59F06A21E02EDDF76827EE7D
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=8464313354178260756
Frame ID: 6BDB1712AD8810CDF372B75F5316438B
Requests: 1 HTTP requests in this frame

Frame: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 349B15267893570C32836F1B9D5CA8AC
Requests: 17 HTTP requests in this frame

Frame: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C9F845072E3EFA47CE2CD6B13EC0C5D0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYu6SKrgEwAQ&v=APEucNWF1xvV0D344mL_YuQ--2NJBDsB_yJ1zPvw4-Tqz2iu_N2-RLG6g8WlmPBjwFU2D5CpxB2Xg6gugCxrne3e11O7E0rZEyL_JOIhqdlAC1nzwwcl_pw
Frame ID: 28E3EBB924B58228B02B6078F942C159
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html
Frame ID: A489A6D22343714A4697FC4D839F6610
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: F14484D7C8B82A588AEA9F425BAE9B0D
Requests: 13 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=576973cc-bcc9-4bf3-bc1f-2fb16b720e7d&t=1632059220
Frame ID: 809F84007C35B457CC4FBB1DB05BC6FB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 00ADE270165C2934B7967488C6F57F63
Requests: 12 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=c92b611f-b256-4b00-b2ff-fee343ce8fa3&gdpr=&gdpr_consent=
Frame ID: BB52F9D686CD55602C935968F049C03D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YR_yVQADp3vN0ABg&gdpr=&gdpr_consent=&_test=YR_yVQADp3vN0ABg
Frame ID: F9A60D5FA0CDA54B5BB61C16EA3278AC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTM1M2QyNC0yYmNkLTQwYTEtYTQ1Yy05Mjc4ODU0NTM4YjA=&gdpr=&gdpr_consent=
Frame ID: 0162066430C35438A4B12DC4D26F7AAD
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: ADF2D595EA71E3F44FAD30905B410140
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: FCC8139F6E8B8296D8232868F9A2EFDD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YR.yW8Co8XsAAIQrgmQAAAAA
Frame ID: 06830FFA9FFB0608A019EEAC790A7C5D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1870471597561447063
Frame ID: 74BBDBE8C234CC3D518B0FBAF2826B72
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=fOGQvmY7V4s8jUGSzZtp&pi=gumgum&tc=1
Frame ID: 1EC230D6F22F4AD50908374E4CAEBD2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CB71ED3D6FEBC9701EE9E105C94CBDCA
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Frame ID: 26CBB736046BF401AB8FDBBEB1B2CA41
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4E995E3808B4B716A4DD57408F8E48DB
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: D298E1A398BE303C14B6237727A9A599
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=019c11f1-5f69-4a3d-b69c-d109e52bbae8&gdpr=0&us_privacy=1---
Frame ID: 9CD90DE46755647F242EE13457F4CA58
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C80CFCF090DBA7DC573124E4B83366A3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6AA0D8807AF7E6831E4CCCA15E71B97A
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5568B413E81C8F4F24833645102AEA41
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6E63B325-7B47-45A5-A124-63AA3824D5B0
Frame ID: 8F26129900913F3212E8A038CDE8C784
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5227709862348228970
Frame ID: 0E169C035081B2FBC454F829B9577B55
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7FD4397CE1CB2EA25FC439D7B6C16E9E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=6E63B325-7B47-45A5-A124-63AA3824D5B0
Frame ID: 22AAD79719B6768796DEA11A7370B4CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3B0EEFB703A59D432561C4B233B07231
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E8E1519FB23FC3BA91B48115D643445
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Your Money Magic

Page URL History Show full URLs

  1. http://www.yourmoneymagic.com/ HTTP 301
    https://www.yourmoneymagic.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

311
Requests

100 %
HTTPS

29 %
IPv6

79
Domains

122
Subdomains

84
IPs

10
Countries

3965 kB
Transfer

8248 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.yourmoneymagic.com/ HTTP 301
    https://www.yourmoneymagic.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Request Chain 128
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=132117834 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=132117834 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/576973cc-bcc9-4bf3-bc1f-2fb16b720e7d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-011d74f0-b101-44ba-95d7-b542f99b9e19-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003
Request Chain 129
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=266dfbd2e762d03262f7
Request Chain 133
  • https://csync.loopme.me/?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bdevice_id%7D HTTP 307
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=b3e55d71-749e-4e9e-942b-4c720f389c78
Request Chain 134
  • https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=128ec410fb40a005b7628f3dcf5f4c012252cf21
Request Chain 136
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=5283497149401273924&ex=districtm
Request Chain 138
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=7480057154891148900
Request Chain 140
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-2KKDSk11l2Nb1Mu5ghJfVA0cL6pKVJA-&
Request Chain 141
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7504711043088332144&ex=appnexus.com
Request Chain 142
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 143
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=8464313354178260756
Request Chain 146
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=AJLxtlSR9eMbx_LiUsHtsVOX9-EblfXnUMBSCqGl
Request Chain 147
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8899411281475281671 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=8899411281475281671
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmU2ZmVkODItOWVhZC02MzNmLTc1OGUtNWY4ZjExZjE1ZTY0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmU2ZmVkODItOWVhZC02MzNmLTc1OGUtNWY4ZjExZjE1ZTY0&google_tc=
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP7jqto3HtwOtS4O_ED6dZA&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEP7jqto3HtwOtS4O_ED6dZA&google_cver=1
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YR-yU3uZqQTsMy-dvaeS5gAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMkws5oN7tTxT8pMSREvIfY&google_cver=1
Request Chain 171
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YR.yU3uZqQTsMy.dvaeS5gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2&C=1
Request Chain 173
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8232637830751059744&expiration=1630676820
Request Chain 174
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030002_611fb254149c7&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_611fb254149c7
Request Chain 176
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h24B1z8d1Mh4Rp5
Request Chain 178
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7504711043088332144
Request Chain 179
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_59353d24-2bcd-40a1-a45c-9278854538b0&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_59353d24-2bcd-40a1-a45c-9278854538b0&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=509a5418-efcc-4f85-8083-8f2a9f7b99e9&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=ecb857ac-eb21-4450-a91f-17f6b60e2094
Request Chain 180
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-450de8ce-5b27-4d1a-5b0b-ab5e1173e9d2$ip$185.156.175.109
Request Chain 181
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_59353d24-2bcd-40a1-a45c-9278854538b0&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 182
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=630537724 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=630537724 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/576973cc-bcc9-4bf3-bc1f-2fb16b720e7d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003
Request Chain 183
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=nV1pUmXC9TC7&ev=1&pid=558355
Request Chain 184
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28jGjK-WPYLm_hKAeX0F2Uo63Dn6iZmpaBvlVFGqAf39WVtA1nA78prLMx4Csz-sip%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28jGjK-WPYLm_hKAeX0F2Uo63Dn6iZmpaBvlVFGqAf39WVtA1nA78prLMx4Csz-sip%29
Request Chain 185
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=b53d9a38-7fcf-05cd-0715-15db13439142
Request Chain 186
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-TqJUZ6FE2peD2Wk7nkOKIP598NeO5t.qDb2e~A
Request Chain 187
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=188c09dd-01bd-11ec-b26e-c9d3dcad15c2
Request Chain 190
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=703940ce-e908-4cf8-b742-9e0924c1540e
Request Chain 191
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=7005587531150482270&gdpr=1&gdpr_consent=
Request Chain 194
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=576973cc-bcc9-4bf3-bc1f-2fb16b720e7d&t=1632059220
Request Chain 195
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 196
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=c92b611f-b256-4b00-b2ff-fee343ce8fa3&gdpr=&gdpr_consent=
Request Chain 197
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YR_yVQADp3vN0ABg HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YR_yVQADp3vN0ABg&gdpr=&gdpr_consent=&_test=YR_yVQADp3vN0ABg
Request Chain 201
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YR.yW8Co8XsAAIQrgmQAAAAA
Request Chain 202
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1870471597561447063
Request Chain 203
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=fOGQvmY7V4s8jUGSzZtp&pi=gumgum&tc=1
Request Chain 205
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=l99qVsPcbgOMimkCxYx2UcTabAGM2G4Hx43zSTwp
Request Chain 206
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=1871878972495600779
Request Chain 207
  • https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=90&3pid=fc02af13-8184-49ea-9866-a3462c4b968c&gdpr=0&gdpr_consent=
Request Chain 208
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=ougeErcNHGor&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 209
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=KSKEPLSR-11-O3N&gdpr=0
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&gdpr=0&C=1
Request Chain 212
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR.yU3uZqQTsMy.dvaeS5gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2&C=1
Request Chain 230
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 250
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1--- HTTP 302
  • https://rtb.gumgum.com/usersync?b=mag&i=KSKEPMQM-B-6VUK&us_privacy=1---
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOZb7pSw4Xdt1CdhWfk7iko&google_cver=1
Request Chain 252
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YR_yVQAD8ZeFIgA4
Request Chain 255
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWUzYzNjODc2MjJkN2ZkNGJhNDAyYWY1YTk5N2YzMzQyZWU5NjM0Mw&us_privacy=1---
Request Chain 256
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSKEPMQM-B-6VUK&sigv=1&esig=2~3ed7bb743b82de4727fd4ad27aeb7e48eb7f4f22&us_privacy=1---
Request Chain 257
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5rU2gB8Gm8lCS1mq9nv0pQ?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5762065402411680127
Request Chain 258
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NLRVBNUU0tQi02VlVL&us_privacy=1---
Request Chain 259
  • https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Request Chain 263
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=ecb857ac-eb21-4450-a91f-17f6b60e2094 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=ecb857ac-eb21-4450-a91f-17f6b60e2094 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ca890a1d-e866-4703-bed1-42f0453b24c5&ssp=themediagrid
Request Chain 264
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8cf3611f-b256-4f00-acad-3742c242bf7f
Request Chain 265
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qaffYv2k2zKyo400_KPDNqivjDCyotg8rve1XdZa
Request Chain 266
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8232637830751059744
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP7jqto3HtwOtS4O_ED6dZA&google_cver=1
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA5cILaVY-29D3SsVTTZSl8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 272
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQwNjM4NTg4ODQzNjkwMjY3Mg%3D%3D
Request Chain 274
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4406385888436902672?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-vJhnuqJE2oS5tQLYRuVJp8RNLsWsUGPpny33DWT9SQ--~A&dongle=0883
Request Chain 275
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8607140450650277681&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 276
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4406385888436902672 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4406385888436902672&dcc=t
Request Chain 277
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 280
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 282
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR-yVQEHXo4bsaBKXWN_NAAABLQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR-yVQEHXo4bsaBKXWN_NAAABLQAAAIB&dcc=t
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YR-yVQEHXo4bsaBKXWN_NAAABLQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEItFXWlT1FC9YzeSA9XqxXo&google_cver=1
Request Chain 285
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8607140450650277681
Request Chain 286
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4222550547953610340
Request Chain 287
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=ecb857ac-eb21-4450-a91f-17f6b60e2094&gdpr=&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=ecb857ac-eb21-4450-a91f-17f6b60e2094&av_tc=True HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=f3298a45-03ca-4ba1-876e-80370a3c5119&expires=2&ssp=index&bsw_param=ecb857ac-eb21-4450-a91f-17f6b60e2094 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=ecb857ac-eb21-4450-a91f-17f6b60e2094
Request Chain 288
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ed8084a2-1ef5-4eb6-83f6-0c4f49535e39
Request Chain 293
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5227709862348228970
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bmOzJXtHRaWhJGOqOCTVsA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 297
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8cf3611f-b256-4f00-acad-3742c242bf7f
Request Chain 298
  • https://pixel.onaudience.com/?partner=214&mapped=6E63B325-7B47-45A5-A124-63AA3824D5B0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=71af00477ed77998 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2ac18d84-f58b-4716-5b6f-c6e895fca9d0&reqId=1a88a337-8002-453e-6e45-c492366ad85e&zcluid=71af00477ed77998&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECjJ1F0QTOil9pShQb8XO7w&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2ac18d84-f58b-4716-5b6f-c6e895fca9d0&reqId=1a88a337-8002-453e-6e45-c492366ad85e&zcluid=71af00477ed77998&zdid=1332
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkU2M0IzMjUtN0I0Ny00NUE1LUExMjQtNjNBQTM4MjRENUIw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIC1paskJoZl-iZt2To7vGI&google_cver=1
Request Chain 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8232637830751059744
Request Chain 303
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8cf3611f-b256-4f00-acad-3742c242bf7f&gdpr=0&gdpr_consent=
Request Chain 304
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dcdf0bcc-9b16-424d-94a2-3084d43dd101
Request Chain 305
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8607140450650277681&gdpr=0&gdpr_consent=

311 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.yourmoneymagic.com/
Redirect Chain
  • http://www.yourmoneymagic.com/
  • https://www.yourmoneymagic.com/
111 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
9efd0b9f20f5d1c4c8d7d019a98c508928c08add388885dc98221b142c78ce53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

:method
GET
:authority
www.yourmoneymagic.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
accept-ranges
bytes
content-encoding
gzip
content-type
text/html; charset=UTF-8
x-hw
1629467218.cds041.fr8.hn,1629467218.cds136.fr8.sc,1629467218.cds136.fr8.e
server
nginx
link
<https://www.yourmoneymagic.com/wp-json/>; rel="https://api.w.org/" <https://www.yourmoneymagic.com/wp-json/wp/v2/pages/5360>; rel="alternate"; type="application/json" <https://www.yourmoneymagic.com/>; rel=shortlink
cache-control
max-age=3333, public public
etag
W/"75429ead6938cf62c2958148793c3da5"
x-powered-by
W3 Total Cache/0.13.2
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-allow-headers
*
access-control-allow-methods
*
access-control-max-age
1728000
strict-transport-security
max-age=31536000; includeSubdomains; preload
via
1.1 google
set-cookie
GCLB=CMSj09aM-L7LOA; path=/; HttpOnly
last-modified
Fri, 20 Aug 2021 13:42:31 GMT

Redirect headers

Date
Fri, 20 Aug 2021 13:46:58 GMT
Accept-Ranges
bytes
Cache-Control
max-age=0
Location
https://www.yourmoneymagic.com/
X-HW
1629467218.cds054.fr8.h2,1629467218.cds136.fr8.c
Host
www.yourmoneymagic.com
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
ccpa.bundle.js
ccpa.privacymanager.io/1/ 		131 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa.privacymanager.io/1/ccpa.bundle.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:cc00:9:dc53:cc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75c44c488870aff0adb0923d62c348acadae9820f9b4263d2e4f6684a1c6b18c

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 19 Aug 2021 18:12:33 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 14:06:52 GMT
server
AmazonS3
age
70465
etag
W/"dab1047e745ae4635f7bb3c847df6b8f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
zk9gE6tr8JEdWEJI4y5geL1MzffbyRYG
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
content-type
application/x-javascript
x-amz-cf-id
2hca1BcWwatRSUgjFcwcCFC_85or6lRzoBG-FjSRM4JM4-CaQHOzfQ==
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/398be029-8480-4401-8919-33d514e76ed2/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/398be029-8480-4401-8919-33d514e76ed2/gdpr-liveramp.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c209434d68ea840d8a39cde25469f433ef0bdc1ab9690d01f0cce3d84218d38

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nBJbx5y0wGV_Zo.v2_nPIs62AeTi2cOX
content-encoding
gzip
etag
W/"6bdc6b1fbd1d852ee7b1a86d3e83f208"
age
3448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Mon, 26 Jul 2021 20:34:28 GMT
server
AmazonS3
date
Fri, 20 Aug 2021 12:49:31 GMT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
SG00FGNVJEIL3Dag3qxwSDQqo9LMsAIVTl79NYYbZiFBkQEG5zFu8A==
ccpa-liveramp.js
ccpa-wrapper.privacymanager.io/ccpa/a72d0a4a-a60f-4b95-b5b9-c369178a3922/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa-wrapper.privacymanager.io/ccpa/a72d0a4a-a60f-4b95-b5b9-c369178a3922/ccpa-liveramp.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2800:3:f9b0:4040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92a8f9e515c054ea9c29e17e1bbcedeb19d041a3bdb4b2b5eadfbcca3f23a2a7

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zGlk69e2q4Zj.7at7tlmcs7Zete.qxuC
content-encoding
gzip
etag
W/"86c0cd8037917dca7f55d664e0457f0a"
last-modified
Wed, 03 Mar 2021 02:10:12 GMT
server
AmazonS3
age
56733
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
date
Thu, 19 Aug 2021 22:01:26 GMT
content-disposition
attachment; filename="ccpa-liveramp.js"
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
x_hcCJIulE5WDrK5QsKfwM2XdT2zPPxFuaNxtofG8oLy8erBHd1cXg==
style.min.css
www.yourmoneymagic.com/wp-includes/css/dist/block-library/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 May 2021 11:22:31 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds258.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
7848
etag
"60acddf7-c88a"
styles.css
www.yourmoneymagic.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
788 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 17 Mar 2020 00:22:35 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds204.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
677
etag
"5e70184b-6d2"
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8422
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 10:23:39 GMT
style.min.css
www.yourmoneymagic.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 		869 B
444 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
9af98e149ed5a7af3bbfe75257ddb5a7d4bc5f0be036822f89b2a1fa809fd21e

Request headers

:path
/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Aug 2021 18:09:33 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds201.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
333
etag
"6116b55d-365"
fastgallery.css
www.yourmoneymagic.com/wp-content/themes/zoxpress-child/css/ 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress-child/css/fastgallery.css?ver=2
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
d28efaff3cf614549aa68db1ad993f3a3027520dcaaae77eb22b1cfb93494b00

Request headers

:path
/wp-content/themes/zoxpress-child/css/fastgallery.css?ver=2
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Aug 2021 16:37:31 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds003.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
9264
etag
"61169fcb-cde7"
style.css
www.yourmoneymagic.com/wp-content/themes/zoxpress/ 		173 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress/style.css?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
021f8bc5e18461a2a91ee1c0b9c2c750e22402a14d789a62a8fae5e58520fed2

Request headers

:path
/wp-content/themes/zoxpress/style.css?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 04:51:19 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds138.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
26084
etag
"5f7fec47-2b5ff"
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3865160
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
5R95WK13VPV4ZKRS
x-amz-id-2
o26pTKHmQIgZWzyQ043iLyR94bCQgteSFP+YmHcCvGF3qBsRqqbUn6PVEzBOJqFnMTkm6w9FGdU=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csPTm0ygmgxr2Mwio6ekT9Fq0hUitjVa9oC%2FXIJllLaUr7Bm6zicv84%2F61ipCTZd0xm%2F9V%2FaOl8nwvoy%2FzHd5%2BjsAwCaEaZnhirc6ECDuGhUkkrS7TYm1MolQJ8G%2BIV1U4075Cz5DWr2He082fG2igKb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
681c1222da724ea9-FRA
reset.css
www.yourmoneymagic.com/wp-content/themes/zoxpress/css/ 		1 KB
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress/css/reset.css?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
a56add0a0fe88ca8ad47ea3def87d8d5934976680db80c6530c0b28529854f0b

Request headers

:path
/wp-content/themes/zoxpress/css/reset.css?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 04:51:19 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds158.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
611
etag
"5f7fec47-43a"
all.css
use.fontawesome.com/releases/v5.12.1/css/ 		56 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.12.1/css/all.css?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3865156
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
DDC0FRG25PQVM6WB
x-amz-id-2
c8+pVQkKC8ccgM5w3w/69IaeC/ch7YGl2s7zFwyuJsOhdGwVUmvUXlpDhZCfiD57FqAHU2SDTb0=
last-modified
Wed, 30 Jun 2021 15:38:16 GMT
server
cloudflare
etag
W/"2a0e11a7655cf7af50d9152727c134ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FIdHFuVjbTHWB1zjGuGBtv%2BOL7ucx97dOTxaCrzuSHRVUHPCxosHoCiSHfxumO8QVvrHh7CrnrgVC0sS%2FxwP4cDe3SUvR67TP5effiR%2F3ybSeRJa8a0e0QyFS57bPCYuU5zGkO9JCTSwFx0w%2FS%2BtMMw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
681c1222da744ea9-FRA
css
fonts.googleapis.com/ 		150 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cde654eb275a33ae23415dbaed7b378defbf3df8f84a0f7eacf7f808e2eb1873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 13:46:58 GMT
server
ESF
date
Fri, 20 Aug 2021 13:46:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Aug 2021 13:46:58 GMT
media-queries.css
www.yourmoneymagic.com/wp-content/themes/zoxpress/css/ 		168 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress/css/media-queries.css?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
b139e775a1abe8317c4ef7225c906242b9078305d8203a2156c33bfa11579869

Request headers

:path
/wp-content/themes/zoxpress/css/media-queries.css?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 04:51:19 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds281.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
11824
etag
"5f7fec47-2a1da"
jquery.min.js
www.yourmoneymagic.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 15 Jan 2021 21:29:34 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds054.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
30957
etag
"6002093e-15d98"
jquery-migrate.min.js
www.yourmoneymagic.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 15 Jan 2021 21:29:34 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds226.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
4169
etag
"6002093e-2bd8"
jquery.cookie.js
www.yourmoneymagic.com/wp-content/plugins/sitepress-multilingual-cms/res/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=4.4.11
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
1f7e0fc0541ef13ade8dfbd9de3a7e2a6d0d66f125a89a80e0f76d2a92f26306

Request headers

:path
/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=4.4.11
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Aug 2021 18:09:32 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds233.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
1109
etag
"6116b55c-b01"
language-cookie.js
www.yourmoneymagic.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 		246 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.4.11
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
f767f42765a143586abafcd5f1ec1221274c58264b311bd14ea2bae8c25252ad

Request headers

:path
/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.4.11
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Aug 2021 18:09:32 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds165.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
138
etag
"6116b55c-f6"
High-rez.png
www.yourmoneymagic.com/wp-content/uploads/2020/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yourmoneymagic.com/wp-content/uploads/2020/12/High-rez.png
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
c760518e16b88df5b9af7351e833381cdafd3569d99a5eb5d101fe3fb67c9f90

Request headers

:path
/wp-content/uploads/2020/12/High-rez.png
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 02 Dec 2020 23:53:22 GMT
server
nginx
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds261.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000 public
accept-ranges
bytes
content-length
7575
etag
"5fc828f2-1d97"
YMM-logo-3-line-1.png
www.yourmoneymagic.com/wp-content/uploads/2020/11/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yourmoneymagic.com/wp-content/uploads/2020/11/YMM-logo-3-line-1.png
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
d8f87ddc5f3f36e64ed4727eb966b30c46779a2cb65264d9e9628790036ce5ba

Request headers

:path
/wp-content/uploads/2020/11/YMM-logo-3-line-1.png
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Nov 2020 21:32:45 GMT
server
nginx
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds150.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000 public
accept-ranges
bytes
content-length
9720
etag
"5fbc2a7d-25f8"
amd.ymm.js
www.yourmoneymagic.com/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/amd.ymm.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
b4a6c7e5017609aae1c61ea864259b6f8278390f4df1a12a034e8ea642cfc9fc

Request headers

:path
/amd.ymm.js
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 18 Aug 2021 01:52:06 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds220.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
12969
etag
"611c67c6-10fc2"
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
50c00fdd7c176d160b1157b4bc78af7d33c041aac06981b0cf0e6c9564be4191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"964 / 583 of 1000 / last-modified: 1629457898"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25436
x-xss-protection
0
expires
Fri, 20 Aug 2021 13:46:58 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding
gzip
last-modified
Thu, 01 Jul 2021 22:05:10 GMT
server
AmazonS3
age
12358
etag
W/"a4d296427fc806b21335359e398c025c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
date
Fri, 20 Aug 2021 10:21:01 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
4kvlGwjCD_nyoJl-LHHfTpQQGhvw5DVmdKNzpFHE3ApaA2d-YGrMPw==
scripts.js
www.yourmoneymagic.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 17 Mar 2020 00:22:35 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds228.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
3993
etag
"5e70184b-3868"
core.min.js
www.yourmoneymagic.com/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path
/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 May 2021 11:22:31 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds279.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
6865
etag
"60acddf7-5133"
jquery.sticky-kit.min.js
www.yourmoneymagic.com/wp-content/plugins/zoxpress-plugin//scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/plugins/zoxpress-plugin//scripts/jquery.sticky-kit.min.js?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

:path
/wp-content/plugins/zoxpress-plugin//scripts/jquery.sticky-kit.min.js?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 05:29:34 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds010.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
1295
etag
"5f7ff53e-aee"
jquery.waypoints.min.js
www.yourmoneymagic.com/wp-content/plugins/zoxpress-plugin//scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/plugins/zoxpress-plugin//scripts/jquery.waypoints.min.js?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f

Request headers

:path
/wp-content/plugins/zoxpress-plugin//scripts/jquery.waypoints.min.js?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 05:29:34 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds004.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
3132
etag
"5f7ff53e-28ee"
functions-base.js
www.yourmoneymagic.com/wp-content/themes/zoxpress-child/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress-child/js/functions-base.js?ver=3
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
c8d0488512ac98a9343c03964aa052b77f4f3f0bdb0f3e8869151968b58b0e7d

Request headers

:path
/wp-content/themes/zoxpress-child/js/functions-base.js?ver=3
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Aug 2021 23:26:01 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds165.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
1025
etag
"6115ae09-98b"
zoxcustom.js
www.yourmoneymagic.com/wp-content/themes/zoxpress/js/ 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress/js/zoxcustom.js?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/wp-content/themes/zoxpress/js/zoxcustom.js?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 04:51:19 GMT
server
nginx
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds103.fr8.sc,1629467218.cds103.fr8.p
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
0
etag
"5f7fec47-0"
scripts.js
www.yourmoneymagic.com/wp-content/themes/zoxpress/js/ 		111 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress/js/scripts.js?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
2ecc17ef6f2b22e18e4f779bcda128e3bc8e791befdacc6ff8bb59814e69aa8d

Request headers

:path
/wp-content/themes/zoxpress/js/scripts.js?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 04:51:19 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds204.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
24545
etag
"5f7fec47-1bb63"
retina.js
www.yourmoneymagic.com/wp-content/themes/zoxpress/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress/js/retina.js?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

:path
/wp-content/themes/zoxpress/js/retina.js?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 04:51:19 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds133.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
1165
etag
"5f7fec47-c20"
jquery.infinitescroll.min.js
www.yourmoneymagic.com/wp-content/themes/zoxpress/js/ 		21 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress/js/jquery.infinitescroll.min.js?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

:path
/wp-content/themes/zoxpress/js/jquery.infinitescroll.min.js?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 04:51:19 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds236.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
12126
etag
"5f7fec47-54c9"
comment-reply.min.js
www.yourmoneymagic.com/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-includes/js/comment-reply.min.js?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 May 2021 11:22:31 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds001.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
1346
etag
"60acddf7-ba8"
intersection-observer.js
www.yourmoneymagic.com/wp-content/themes/zoxpress/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress/js/intersection-observer.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
8e958f60fbf777edbd2d9b72c92c2ecd04dfbd4083f7cdbf80ca007c6e02335f

Request headers

:path
/wp-content/themes/zoxpress/js/intersection-observer.js
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 04:51:19 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds206.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
6359
etag
"5f7fec47-5720"
lozad.min.js
www.yourmoneymagic.com/wp-content/themes/zoxpress/js/ 		2 KB
978 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-content/themes/zoxpress/js/lozad.min.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
5bcb9dd1d72186cb617055272128e3c11a30dfc9a979e9237deaca99325f0b05

Request headers

:path
/wp-content/themes/zoxpress/js/lozad.min.js
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Oct 2020 04:51:19 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds137.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
866
etag
"5f7fec47-72c"
wp-embed.min.js
www.yourmoneymagic.com/wp-includes/js/ 		1 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/wp-includes/js/wp-embed.min.js?ver=5.6.4
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.6.4
pragma
no-cache
cookie
GCLB=CMSj09aM-L7LOA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 03 Feb 2021 23:21:34 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds257.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
765
etag
"601b2ffe-592"
gdpr.bundle.js
gdpr.privacymanager.io/1/ 		178 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr.privacymanager.io/1/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/398be029-8480-4401-8919-33d514e76ed2/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c97fa680ab8feab09e2d28bdad2af0e0882e645914192285ed125b45474e9519

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
W7yB1.UgaEceRQmAW3RsVGdfCwIrj73e
content-encoding
gzip
etag
W/"22f0bd0cbd46a1955a55eb87282c9d46"
last-modified
Thu, 24 Jun 2021 10:27:56 GMT
server
AmazonS3
age
3158
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Fri, 20 Aug 2021 12:54:21 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
dUx0uCGzD1_JIv8714gpmX6cF9tSJ2abBTGUsTIf6NNMc7KTo32cmA==
gtm.js
www.googletagmanager.com/ 		241 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KHGM69G
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4cdcf2f490a1f52ac2668376445e1f1291c68a0dd31537684ad325901600801b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64953
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 Aug 2021 13:46:58 GMT
truncated
/ 		264 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cfd85774537c98025d7a5a8700d7e4af76e1164b9fb3a397aaac73b937b53dc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 01:12:59 GMT
x-content-type-options
nosniff
age
304439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15604
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 01:12:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 06:52:18 GMT
x-content-type-options
nosniff
age
284080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 06:52:18 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.12.1/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.12.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.12.1/css/all.css?ver=5.6.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://use.fontawesome.com/releases/v5.12.1/css/all.css?ver=5.6.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
652545
cf-ray
681c1223a8424a74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
76548
x-amz-id-2
4IHrw+/rUnEpBdrflm0GAgPY6DtjAQ3kwkUC53d49jE1fI7jCwNODZLpIQ4w28QBeoensWJ95Rs=
last-modified
Wed, 30 Jun 2021 15:38:37 GMT
server
cloudflare
etag
"067595ad77ecc0db9c81c8905a7eef32"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjDzrQRHu3KP8c1hIOncQMDxwHuqaBSjnebEt3h7PqjC7fO42GtMuoCbpiDc14RTZIFCt%2FVMWwR8m7dhLDmuh5nCxgI%2BjRbtiCExoaVTf3eMTjHPJJZjY6La8ihyKUfTSqihldLZfAyolJCAPstI3%2BEt"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
BTK8WXJZ11HE5YME
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 01:30:05 GMT
x-content-type-options
nosniff
age
303413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 01:30:05 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:57:53 GMT
x-content-type-options
nosniff
age
276545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 08:57:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:00:34 GMT
x-content-type-options
nosniff
age
297984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 03:00:34 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:30:52 GMT
x-content-type-options
nosniff
age
306966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:30:52 GMT
fa-regular-400.woff2
use.fontawesome.com/releases/v5.12.1/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.12.1/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.12.1/css/all.css?ver=5.6.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://use.fontawesome.com/releases/v5.12.1/css/all.css?ver=5.6.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3478864
cf-ray
681c1223a8414a74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13600
x-amz-id-2
ysvPH0VE/sy5xynt8vlipjH9JbrlK3rWSe5ufWDmRfFwrhioe0xNMSwZ0ZzCcxmKv+dImE4rJAo=
last-modified
Wed, 30 Jun 2021 15:38:37 GMT
server
cloudflare
etag
"4165c2688309cbfb1b877caf8f75afb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4EFWxUXvPU6UTla6OYgBNYc%2BXWFF50bu8FNN457gMBoK5mB8nilmx9ImgZn1ZpSQSj%2BswmXKmgFYd3k7hvGG5oE4O7nmsUf2Do0ww2H2663kSZ0P9oNSzVsbncy8iBnG8tiRhLovTPYPiGS5FMB8AbN"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
VXV34VMT9JJW8HQW
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v12/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v12/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto+Condensed%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CIM+Fell+French+Canon%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1264ac64e82702e03cd71fbea5dfc8137bbca7ae8c33df94955f3f47add9e61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 19:05:19 GMT
x-content-type-options
nosniff
age
153699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27116
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:13:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 19:05:19 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.12.1/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.12.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.12.1/css/all.css?ver=5.6.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Origin
https://www.yourmoneymagic.com
Referer
https://use.fontawesome.com/releases/v5.12.1/css/all.css?ver=5.6.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3478864
cf-ray
681c1223a83e4a74-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
76120
x-amz-id-2
GdG4isTl56fkAyJRJibxTUH5TH3NU3pCXdWhk89k8AXrWcntx3IAbFOSxWQj4pVz7wZfgnSzkvI=
last-modified
Wed, 30 Jun 2021 15:38:38 GMT
server
cloudflare
etag
"55eb2a60e8181f0e68b558c991973bf0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33WVlc3yfyum4OkhZK3oIh0sF4mdXl%2FafiDI%2BCEElyQcqJRHwwXApIQLCgALlZ4u87L%2FavzkfqT9i2bQ9AZIe9gh%2B%2FTwvTj1B2vxYoaQv4n6WgDGb1bzY79oyyMJ7jVLQPRJwHCmgWYGHdAZlYYcxx%2B2"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
CQ1DPDG3C51E2YZR
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
a4fd3971-3-ways-to-have-a-more-realistic-budget-1024x576.png
images.yourmoneymagic.com/2021/06/ 		599 KB
599 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/a4fd3971-3-ways-to-have-a-more-realistic-budget-1024x576.png
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d3d76f83030128a12bda890058c4b75b49fea0cbeea6d211830a050d16af8d85

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycduWCvRcu2YboyRJ3yjDBiet5osvykmf6NUrE-9cWJvoyWhiuvnX_7TFMSRJXagLvmdmlFlOzNYhSBu9VIANehg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Tue, 22 Jun 2021 17:42:32 GMT
x-goog-stored-content-encoding
identity
content-length
613067
x-hw
1629467218.cds143.fr8.hn,1629467218.cds285.fr8.c
x-goog-meta-height
576
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12024
server
UploadServer
etag
"a091c7de27ac4ab77a3ebaf29d531be1"
x-goog-hash
crc32c=MGAyuQ==, md5=oJHH3iesSrd6PrrynVMb4Q==
x-goog-generation
1624383752671982
access-control-allow-origin
*
x-goog-meta-width
1024
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
613067
accept-ranges
bytes
content-type
image/png
x-goog-meta-size
zox-large-thumb
6b2dbf20-how-to-encourage-employees-to-use-their-employee-benefits-600x337.jpg
images.yourmoneymagic.com/2021/08/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/08/6b2dbf20-how-to-encourage-employees-to-use-their-employee-benefits-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a9d3ad5dfc1644e57e4b95eeeb4e4071d45e62c46a3107e8f641b5bf241e0bae

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdvt_RfokrRqPUQnA0gyMQesfkpFnT4jlASq6C-BG0EFcz0HOxzKYcdw5VcvxrBPvnh-akVlsNUPQjI7t1MRb4S-bVheww
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Fri, 13 Aug 2021 16:29:09 GMT
x-goog-stored-content-encoding
identity
content-length
37333
x-hw
1629467218.cds143.fr8.hn,1629467218.cds133.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12881
server
UploadServer
etag
"08c89b3f342f57fdb2169901b43f9ad5"
x-goog-hash
crc32c=jQXb1w==, md5=CMibPzQvV/2yFpkBtD+a1Q==
x-goog-generation
1628872149623819
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
37333
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
5390c256-4-ways-you-can-earn-money-from-playing-video-games-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/5390c256-4-ways-you-can-earn-money-from-playing-video-games-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
951ae8013e2a7f9752b5b2eb8136187309edf3e40ea9feb611eb0fa18161be50

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycds6ASZi4k1RT_UcmeP2TNmQPBeCaqoQCJW95kncirfr84XsaSDgOzXC573O5RdX5VFbcklqymZGPmzIMC2L932q-odbHA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Mon, 28 Jun 2021 19:54:33 GMT
x-goog-stored-content-encoding
identity
content-length
25725
x-hw
1629467218.cds143.fr8.hn,1629467218.cds250.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12232
server
UploadServer
etag
"ec3c051cb200520b1c0c4ee0ab480852"
x-goog-hash
crc32c=QYcCdA==, md5=7DwFHLIAUgscDE7gq0gIUg==
x-goog-generation
1624910073419783
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
25725
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
99f99e2d-top-7-reasons-to-save-money-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/99f99e2d-top-7-reasons-to-save-money-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0fc25ea3926a711e5e8fdf4fe765fc4890abdad3a882cb010bb5f149ea8c3fe6

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdv5jmvwMNPOkXJkGSEFxuuSiMsKZyJpxYD72-8SoGQy_zM2oLsSC1o49BkPlPaVNKUHdp9dBzKeCCEJQfGcY89pa6qa0w
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Fri, 25 Jun 2021 15:15:49 GMT
x-goog-stored-content-encoding
identity
content-length
26609
x-hw
1629467218.cds143.fr8.hn,1629467218.cds156.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12149
server
UploadServer
etag
"e1577d366281056f443f33780f62747c"
x-goog-hash
crc32c=R31faw==, md5=4Vd9NmKBBW9EPzN4D2J0fA==
x-goog-generation
1624634149210137
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
26609
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
2508cea1-millionaires-and-their-mindsets-600x337.jpg
images.yourmoneymagic.com/2021/07/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/07/2508cea1-millionaires-and-their-mindsets-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3cedee492169be01acb80361e2b95cac22275d077925cf8676efe45954a0e9cf

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycduvTuLOxO0-a9szTkJiNl_-txsDDxn6e347jX37vpiZli4bZzftmYEkNMYAr2hQwhpG2SaYpBY6Y_CV2LR-Jz4
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Fri, 09 Jul 2021 18:22:34 GMT
x-goog-stored-content-encoding
identity
content-length
51771
x-hw
1629467218.cds143.fr8.hn,1629467218.cds158.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12357
server
UploadServer
etag
"5b21aceb33bcbcb3324a1bccbf03e887"
x-goog-hash
crc32c=c4YFkw==, md5=WyGs6zO8vLMyShvMvwPohw==
x-goog-generation
1625854954499187
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
51771
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
44c14806-ways-to-earn-passive-income-600x337.jpg
images.yourmoneymagic.com/2021/07/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/07/44c14806-ways-to-earn-passive-income-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
13b53dd1d18dd1d36e0f1615d3b02e612270f546a89b95bc241138d609c0c851

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdvUDMbQtF_dUtNVUN9wZ0WF2hEq73gYHNEIhoenQKsqnMbJdwVzK5XrQj1EzVZbDcTLH62duoKE9M8XzWy2JA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Fri, 09 Jul 2021 18:19:36 GMT
x-goog-stored-content-encoding
identity
content-length
18785
x-hw
1629467218.cds143.fr8.hn,1629467218.cds003.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12354
server
UploadServer
etag
"dd1e015d209307ea68d56504014f8ddf"
x-goog-hash
crc32c=zkIyIw==, md5=3R4BXSCTB+po1WUEAU+N3w==
x-goog-generation
1625854776833629
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
18785
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
2cd1acfb-5-tips-to-have-a-healthy-lifestyle-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/2cd1acfb-5-tips-to-have-a-healthy-lifestyle-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ed14694dc5a87fe9a8c85290596774344726a97b937f8fd4d71b92041aefa343

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdvqYR5JZ6A8BZFv0A51oVFvT1c1N_lVfMAPSauM_fcX4NhCjh9NezvscIFYd-AHebbyroOGT-atXq1WIANMpw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Mon, 28 Jun 2021 19:52:07 GMT
x-goog-stored-content-encoding
identity
content-length
42104
x-hw
1629467218.cds143.fr8.hn,1629467218.cds276.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12228
server
UploadServer
etag
"0109514df5953ee89cf673fbad2d4b89"
x-goog-hash
crc32c=AV+cKg==, md5=AQlRTfWVPuic9nP7rS1LiQ==
x-goog-generation
1624909927476606
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
42104
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
92046f4c-mistake-people-in-their-20s-make-with-their-money.-600x337.png
images.yourmoneymagic.com/2021/07/ 		230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/07/92046f4c-mistake-people-in-their-20s-make-with-their-money.-600x337.png
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4a010435147d82d676f2638a14aaa9f3c04818f26d5f37824ad42a0f58f1e4f9

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdsGVcJ1a3tDRK4scAF_PCxjUYUZcgXcRKZvL9Y10GojBjaOWyCQG4sbqVPilsxuN5BNTWkdttPOYOXHIqQPdGg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Thu, 01 Jul 2021 19:28:18 GMT
x-goog-stored-content-encoding
identity
content-length
235929
x-hw
1629467218.cds143.fr8.hn,1629467218.cds220.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12261
server
UploadServer
etag
"16b4f6adb5a3b7a30a29ab8a3b8b1fa0"
x-goog-hash
crc32c=aptLAw==, md5=FrT2rbWjt6MKKauKO4sfoA==
x-goog-generation
1625167698371629
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
235929
accept-ranges
bytes
content-type
image/png
x-goog-meta-size
zox-mid-thumb
d16fa140-how-to-stay-consistent-600x337.jpg
images.yourmoneymagic.com/2021/07/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/07/d16fa140-how-to-stay-consistent-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9d9e0933815af2c32a10cbe880eb53cf5ab583d1c4d989642f2e4f21c647f4ab

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdtbtM_lHqG73aaFaD5FGEyfCMpSH3pYSpAzvml3nM2ZK3S2CbU0LEX-rtuHdTEZ7TT7twJUuZgfdHOPu7Gux83p12YU_Q
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Tue, 20 Jul 2021 22:52:55 GMT
x-goog-stored-content-encoding
identity
content-length
37709
x-hw
1629467218.cds143.fr8.hn,1629467218.cds279.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12511
server
UploadServer
etag
"097f92f0f8df8706243096fab4be45c6"
x-goog-hash
crc32c=CmUFYw==, md5=CX+S8PjfhwYkMJb6tL5Fxg==
x-goog-generation
1626821575172906
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
37709
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
0244bafd-meditation-%E2%80%93-positive-psychology-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/0244bafd-meditation-%E2%80%93-positive-psychology-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
73942eb1230008b95d4883cff41b90a2ee8e1e024904be6e058cb08df5f5eedf

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdub3ZF2RCoAbUn_E32m2F0M_stQ7YdklRr936houzz_Cs0k_mAH6oZoB7I8peF49JXftVpf-IKheKPhYMUz2gQbN3edJg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Fri, 25 Jun 2021 13:41:50 GMT
x-goog-stored-content-encoding
identity
content-length
40642
x-hw
1629467218.cds143.fr8.hn,1629467218.cds164.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12140
server
UploadServer
etag
"b68b6148978fecc5ef8b35233fa0a515"
x-goog-hash
crc32c=D4jx5w==, md5=tothSJeP7MXvizUjP6ClFQ==
x-goog-generation
1624628510477802
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
40642
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
2fc6698f-5-things-to-keep-in-mind-while-buying-life-insurance-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/2fc6698f-5-things-to-keep-in-mind-while-buying-life-insurance-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a78068412314844535393b782c600ec0bd7908a95727f9538e5b2489a797c669

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycds0BNf-xfTgCM_wmmhsQaW-hid8zhuKMf01g8mOupI29cFNzmA9TogbaAo1D8qnFHnSe8agPdHqKs9YaJ_u2apx0w9yGw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Mon, 28 Jun 2021 19:49:18 GMT
x-goog-stored-content-encoding
identity
content-length
15528
x-hw
1629467218.cds143.fr8.hn,1629467218.cds260.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12224
server
UploadServer
etag
"e9cd3d964156749e4a4db5d48f6ae1bc"
x-goog-hash
crc32c=omUWSg==, md5=6c09lkFWdJ5KTbXUj2rhvA==
x-goog-generation
1624909758026664
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
15528
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
6b639754-5-benefits-of-having-emotional-intelligence-600x337.png
images.yourmoneymagic.com/2021/06/ 		252 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/6b639754-5-benefits-of-having-emotional-intelligence-600x337.png
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
36b4cffb1084d03760e3b77b42f749c6d6a86fcc43456cc5b25ea0a17811de24

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
age
0
x-guploader-uploadid
ADPycdvkWrzEQomTtbprZM2oqceqQFgs9nQi1maGsxSi8r7js5i9px0Ij2SwveZmZtR1nD9j6GH85AsXKRDNePMAXrS-XDONsQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Mon, 21 Jun 2021 17:10:08 GMT
x-goog-stored-content-encoding
identity
content-length
258352
x-hw
1629467218.cds143.fr8.hn,1629467218.cds214.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
11994
server
UploadServer
etag
"d53215fead2e7e677943b98553aea3a2"
x-goog-hash
crc32c=QNgcgg==, md5=1TIV/q0ufmd5Q7mFU66jog==
x-goog-generation
1624295408549332
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
258352
accept-ranges
bytes
content-type
image/png
x-goog-meta-size
zox-mid-thumb
22b74400-a-car-of-a-person-who-did-not-have-car-insurance-is-damaged-by-a-fallen-tree-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/22b74400-a-car-of-a-person-who-did-not-have-car-insurance-is-damaged-by-a-fallen-tree-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a4d5580b7cd26c30fbecaedc3eccce6d40e07de7e6121b6142a1cfc85e402d87

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycduwQJAajDc4lVfxUGGQYbtUavPtWDVeT6rgh3bE5pfqbevpfKjct1aD_mb-Sj4Ynnup3h9xC_c_vQ8V2xCid6yo-IVodw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Mon, 28 Jun 2021 19:47:31 GMT
x-goog-stored-content-encoding
identity
content-length
58817
x-hw
1629467218.cds143.fr8.hn,1629467218.cds288.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12220
server
UploadServer
etag
"2a00473e2d6a596549b55c01fd2f0b2e"
x-goog-hash
crc32c=2lGlVA==, md5=KgBHPi1qWWVJtVwB/S8LLg==
x-goog-generation
1624909651843249
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
58817
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
33becf33-5-ways-how-you-can-improve-your-self-confidence-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/33becf33-5-ways-how-you-can-improve-your-self-confidence-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
77f90710965ed7d0b943cf275a9b6715efc24630087ac4ee7bc96b3d9f276193

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdu1T0NZRgTzGklUQ-19Ez5su0Xsd5T10L9GC0VgMKG5Q4eERVllyoX4EH8ZYvAUBeHImBTwTAV9X-Od1S20IZ4
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Wed, 23 Jun 2021 20:05:51 GMT
x-goog-stored-content-encoding
identity
content-length
80757
x-hw
1629467218.cds143.fr8.hn,1629467218.cds291.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12116
server
UploadServer
etag
"f989da8a255737fb9b108ac66ea221fb"
x-goog-hash
crc32c=pOa+vg==, md5=+YnaiiVXN/ubEIrGbqIh+w==
x-goog-generation
1624478751332885
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
80757
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
5f3fda82-how-has-the-pandemic-affected-life-insurance-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/5f3fda82-how-has-the-pandemic-affected-life-insurance-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5fe9d1876afac7a3a8d9186b1479a3e9438116f5ca9b7690834adce0895935ce

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdv03avr-uUCrFxx_1b7DpZFzMrFFyFlwK0zJm1Bz7A4gaGZjDcwO1HSIrbuMb9piAWXduHpty3u44pkzEMOHNKFT9QKHw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Tue, 22 Jun 2021 18:26:59 GMT
x-goog-stored-content-encoding
identity
content-length
36327
x-hw
1629467218.cds143.fr8.hn,1629467218.cds253.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12028
server
UploadServer
etag
"feabc74a229baf7603ff40a5e30f1cd6"
x-goog-hash
crc32c=+yGktw==, md5=/qvHSiKbr3YD/0Cl4w8c1g==
x-goog-generation
1624386419684568
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
36327
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
c5eba11c-4-ways-you-can-break-a-bad-habit-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/c5eba11c-4-ways-you-can-break-a-bad-habit-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
770f6491631d45a0f5e75b98e18fcf4fb633ab5e1dcd7fa4ba90ac1e7393bfcf

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdvsfZWs-O9UcL6VLsz45VptuZPyA-Ok1jv8bAP9FLqBaIEQbMgnybZEqenMyTDAk2mpBZn5W2CaLiFvjimacsegkgCnGg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Fri, 25 Jun 2021 14:01:44 GMT
x-goog-stored-content-encoding
identity
content-length
28088
x-hw
1629467218.cds143.fr8.hn,1629467218.cds246.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12143
server
UploadServer
etag
"7748662164cf7d4815edaea2ee466dc0"
x-goog-hash
crc32c=Pvfpeg==, md5=d0hmIWTPfUgV7a6i7kZtwA==
x-goog-generation
1624629704121867
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
28088
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
114978e0-top-4-skills-to-earn-easy-money-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/114978e0-top-4-skills-to-earn-easy-money-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8f99e8239d44c2b9924e17ab22681397a812dabd186dc5869ceadc3331817385

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdvl8PsgFzbWDPdTPpbejPbfA_mtwT3SQFO2FmTMyaAom7JdCjqQGZiJCoZGfwoVrJBA0lI0ev0FcQImplH5jBDSroqI7w
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Tue, 22 Jun 2021 18:35:38 GMT
x-goog-stored-content-encoding
identity
content-length
17676
x-hw
1629467218.cds143.fr8.hn,1629467218.cds015.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
12032
server
UploadServer
etag
"03417a504713225847f922b3be2724f5"
x-goog-hash
crc32c=ZgpsOA==, md5=A0F6UEcTIlhH+SKzvick9Q==
x-goog-generation
1624386937952451
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
17676
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
d6f689de-6-ways-you-can-have-a-positive-mindset-600x337.jpg
images.yourmoneymagic.com/2021/06/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/d6f689de-6-ways-you-can-have-a-positive-mindset-600x337.jpg
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0b4ccd1e84ee06b88155ef435ac3dccccd744f8c3c54f325cc5ce4bedbdd694e

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycdutgrDbS6Vp8BXno-N8FH_fVk0PVbwR1K0yI8g9F_afclRAA2Zojr-zLEjDGrr94rJW7g6TRiShMYN3mKHXr1k
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Fri, 18 Jun 2021 19:58:45 GMT
x-goog-stored-content-encoding
identity
content-length
40552
x-hw
1629467218.cds143.fr8.hn,1629467218.cds263.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
11934
server
UploadServer
etag
"e05616cd7a4912fce1fdd687c852592c"
x-goog-hash
crc32c=8acRbA==, md5=4FYWzXpJEvzh/daHyFJZLA==
x-goog-generation
1624046325320772
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
40552
accept-ranges
bytes
content-type
image/jpeg
x-goog-meta-size
zox-mid-thumb
04933e6a-6-reasons-why-you-should-get-life-insurance-600x337.png
images.yourmoneymagic.com/2021/06/ 		248 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.yourmoneymagic.com/2021/06/04933e6a-6-reasons-why-you-should-get-life-insurance-600x337.png
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f28132336ea521a9a6f6307755e23fad66b3e5f0a533bb5332612b7b84ddaa36

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
x-guploader-uploadid
ADPycduopiCW7d8LV2G8XNvMZF7xuPBvC0EGKOQKMVTFpZB-NObHiZNPimPBxFtNPCHXJIZz6a61kfk9RCB-PE8VeOQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
last-modified
Thu, 17 Jun 2021 13:58:31 GMT
x-goog-stored-content-encoding
identity
content-length
254462
x-hw
1629467218.cds143.fr8.hn,1629467218.cds010.fr8.c
x-goog-meta-height
337
x-goog-meta-file-hash
d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of
11885
server
UploadServer
etag
"525ad522e322c5ee664c4b5abcff899e"
x-goog-hash
crc32c=spfBtQ==, md5=UlrVIuMixe5mTEtavP+Jng==
x-goog-generation
1623938311362389
access-control-allow-origin
*
x-goog-meta-width
600
cache-control
public, max-age=36000, must-revalidate
x-goog-stored-content-length
254462
accept-ranges
bytes
content-type
image/png
x-goog-meta-size
zox-mid-thumb
multiplier.json
images.yourmoneymagic.com/document/ 		238 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://images.yourmoneymagic.com/document/multiplier.json
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/amd.ymm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
UploadServer /
Resource Hash
76a717e3106bbce062d4ad66faba695a9e7f6ced5e392d4d178bdc7ea256dd6a

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=2AzUgg==, md5=yWmvYoOs35tsIZ1osabAEw==
date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu6pgyIvmmw4egOJqMTsS4oKJmIfJyD0p9GonnyzRqtYMA8X5MrjRexmgR_sLR0_I30dgOmldGaTrmfIxa3aSQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
37302
last-modified
Tue, 20 Jul 2021 16:50:11 GMT
server
UploadServer
etag
"c969af6283acdf9b6c219d68b1a6c013"
x-hw
1629467218.cds054.fr8.hn,1629467218.cds239.fr8.c
x-goog-generation
1626799811829980
access-control-allow-origin
*
cache-control
public, max-age=3600
x-goog-stored-content-length
243304
accept-ranges
bytes
content-type
application/json
ymm-pbjs.js
www.yourmoneymagic.com/ 		253 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/ymm-pbjs.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/amd.ymm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
b21758b22c5813fb752ec63f1ecaa873001752d89d21c5c3c44408b4836abf67

Request headers

:path
/ymm-pbjs.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Aug 2021 12:55:04 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds235.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
80646
etag
"611fa628-3f5de"
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/amd.ymm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
content-encoding
gzip
etag
f8520ea4ebd91256d6b4f461d472242a
age
302
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0307KNSJNVGTAHYM95Q3
date
Fri, 20 Aug 2021 13:41:55 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
UQtt8bTaN7EffO4bti9y5NJaHO8hyKqgszHyXIEeH0Fw8oIA6_r8Pg==
pubads_impl_2021081801.js
securepubads.g.doubleclick.net/gpt/ 		332 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Aug 2021 08:38:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118094
x-xss-protection
0
expires
Fri, 20 Aug 2021 13:46:58 GMT
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/398be029-8480-4401-8919-33d514e76ed2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/398be029-8480-4401-8919-33d514e76ed2/vendor-list.json
Protocol
H2
Server
2600:9000:20eb:9000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.yourmoneymagic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Thu, 19 Aug 2021 17:31:39 GMT
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
content-type
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Gt_i16ZehI6MkEn1srFp7a0xWc9FCYmUohps6vBswXGPZQKgt-z7ng==
age
72920
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Server
13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-37.zrh50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.yourmoneymagic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Fri, 20 Aug 2021 13:46:58 GMT
x-amzn-requestid
17133769-1c61-4ad9-9884-6282c85f814f
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
EXjM_Ft4DoEFwmQ=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via
1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront), 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1 ZRH50-C1
x-cache
Miss from cloudfront
x-amz-cf-id
AjBgBVUOwsvyIICCxRC57skqImjRfIvwRgpbQLtYve02z8DWmBh7cw==
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/398be029-8480-4401-8919-33d514e76ed2/ 		691 KB
92 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/398be029-8480-4401-8919-33d514e76ed2/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
077208e4c1ed7355388dfe6dd5daeb6e8bcbdc1c0ed743fb652221fea57c4769

Request headers

Accept
application/json
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-amz-version-id
Yv7xv2RQEcpx9sN0EnIg49wpfTaeGIIE
content-encoding
gzip
etag
W/"1ef086fee56eac6bc4765e3fb0d082f6"
age
3443
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 19 Aug 2021 17:03:20 GMT
server
AmazonS3
date
Fri, 20 Aug 2021 12:49:36 GMT
access-control-allow-methods
GET
content-type
application/json
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
uKh3zdmSgFvd7C2mceFRiDno6nYOqOeJknFzOaws-cgYWHM4yWaNMQ==
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-37.zrh50.r.cloudfront.net
Software
/
Resource Hash
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab

Request headers

Accept
application/json
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Aug 2021 10:52:52 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront), 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
age
10446
x-amzn-requestid
99c56f3e-300d-47c0-a517-be8646dfb558
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-611f8983-07b61b60492f82a662046a90;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1, ZRH50-C1
x-amz-apigw-id
EXJspGC_DoEFzvw=
content-length
30
x-amz-cf-id
L_eIMXIzFhMzqVBUVlJsXpRnBR3MD4-TpdiZZGAaJIRnAo66nunzNQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
tfa.js
cdn.taboola.com/libtrc/unip/1299817/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1299817/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHGM69G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
245affa620faec1b7e9e431d1e76c88b6b5981e97d90d537f4df7c91ab59d037

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
k09ZTzZR_pyrIg25BgTykDNBHcOz2ZHE
content-encoding
gzip
etag
"43e5b35458622fb18661ee715a3291db"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
24845
x-amz-id-2
pcKntGwCdwOxxmup1sc+zF9yqTYuQQGXEPmoHDlwyUaNoBNNouitVn9uFR9U7Xj2L5Hr0mmU2SQ=
x-served-by
cache-fra19150-FRA
last-modified
Mon, 09 Aug 2021 10:16:45 GMT
server
AmazonS3
x-timer
S1629467219.854690,VS0,VE103
date
Fri, 20 Aug 2021 13:46:58 GMT
vary
Accept-Encoding
x-amz-request-id
T46QN0F7WGD7WB4T
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
94
x-cache-hits
1
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHGM69G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2393
etag
W/"3e792b2dc76a5a063e1c4f30d40ae527"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
681c1225af00dfcb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Mon, 23 Aug 2021 13:46:58 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25940
x-xss-protection
0
pragma
public
x-fb-debug
tkfuXu0P4eEVAEUpGq/h4P9xbNuGPSena0/lMEkcwv5hMfcl0iSXSVWSS2AgfnE5WwxNN/WfhiBcf+EA44w/+w==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 20 Aug 2021 13:46:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 13:46:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Jun 2021 09:47:31 GMT
Server
AkamaiNetStorage
ETag
"fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3100
Expires
Fri, 20 Aug 2021 14:06:58 GMT
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
fastly-restarts
1
x-cdn
fastly
etag
"d281f5ef4add283680ff41edc6dd28c4"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ccpa.privacymanager.io
URL: https://ccpa.privacymanager.io/1/ccpa.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-37.zrh50.r.cloudfront.net
Software
/
Resource Hash
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab

Request headers

Accept
application/json
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Aug 2021 10:52:52 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront), 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
age
10446
x-amzn-requestid
99c56f3e-300d-47c0-a517-be8646dfb558
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-611f8983-07b61b60492f82a662046a90;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1, ZRH50-C1
x-amz-apigw-id
EXJspGC_DoEFzvw=
content-length
30
x-amz-cf-id
CcN8LMQQ8sjlr7nDm075trwzCi0vPwjEtwIlymxEgQbsD2UBKv3Adw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Server
13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-37.zrh50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.yourmoneymagic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Fri, 20 Aug 2021 13:46:58 GMT
x-amzn-requestid
02fae41a-c7bb-490e-83fd-5a041114d02b
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
EXjM-FjojoEFUjA=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via
1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront), 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1 ZRH50-C1
x-cache
Miss from cloudfront
x-amz-cf-id
zHiqBQeHQS5kZKGm9Qqhsnf3j4kyPfUHkKqUtu1oTlV_5-ScuZSd6g==
sp.js
www.yourmoneymagic.com/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourmoneymagic.com/sp.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/wp-content/themes/zoxpress-child/js/functions-base.js?ver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx / W3 Total Cache/0.13.2
Resource Hash
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599

Request headers

:path
/sp.js
pragma
no-cache
cookie
gdpr-auditId=c0387674895e467cbb8d5c14b38f9468
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.yourmoneymagic.com
referer
https://www.yourmoneymagic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 04 Apr 2020 06:30:43 GMT
server
nginx
via
1.1 google
x-powered-by
W3 Total Cache/0.13.2
x-hw
1629467218.cds041.fr8.hn,1629467218.cds004.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
30370
etag
"5e882993-187fd"
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.yourmoneymagic.com%2F&pubid=8286e92c-64dc-4259-832b-bfd5ea719c01
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:58 GMT
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.yourmoneymagic.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
mhNMCuA2NzLGM6YzI35Vix1AoBFwRwwf4Slu0Og8h06Rzf_Pl4_FGw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 18:14:14 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
70365
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 22:05:10 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
_3DrQ4l2bjZZX2wUrtmt9jXa7vmZnAzjWwHOYfweVvXYmHUB6Ap72w==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHGM69G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
1997
date
Fri, 20 Aug 2021 13:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Fri, 20 Aug 2021 15:13:41 GMT
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
911ddf821ac39f09e17d63faa249e5cd58c6a8dd3ec0340326ee31841c6154b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-xss-protection
0
pragma
public
x-fb-debug
bMiZPAYUQsgeqEbJ4XTN4ed6bdgsN7R+mTarmwJ5KwVkh0XXclWiBWXGiKBF371Fb5hAeVjP6Bzfo/aOv2zslA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 20 Aug 2021 13:46:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
888252224919933
connect.facebook.net/signals/config/ 		253 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/888252224919933?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca871baafac1b439af766a842f5dd0ccc025b2521a649317364a9fd2535f2f45
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
YaTh7PCX3v9nlfjxk5uqJzUrAnqw0mXuBEd/Fewe0jwoWOV5CRHWhLXVmZ+pm4HFSi4eHR4qG4E99uqaAsRCSQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 20 Aug 2021 13:46:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1417853992&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yourmoneymagic.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Your%20Money%20Magic&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=83268348&gjid=695237618&cid=1842538462.1629467219&tid=UA-159955257-2&_gid=762062473.1629467219&_r=1&gtm=2wg8i0KHGM69G&z=1182508502
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.yourmoneymagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp2
trk.decido.io/com.snowplowanalytics.snowplow/ 		2 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trk.decido.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.123.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
0.123.95.34.bc.googleusercontent.com
Software
akka-http/10.0.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
via
1.1 google
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.yourmoneymagic.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
tp2
trk.decido.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trk.decido.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Server
34.95.123.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
0.123.95.34.bc.googleusercontent.com
Software
akka-http/10.0.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.yourmoneymagic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.yourmoneymagic.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
server
akka-http/10.0.9
date
Fri, 20 Aug 2021 13:46:59 GMT
content-length
0
via
1.1 google
alt-svc
clear
bid
c.amazon-adsystem.com/e/dtb/ 		202 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.yourmoneymagic.com%2F&pid=0Y1uX0S8mHHYQ&cb=0&ws=1600x1200&v=7.67.00&t=1500&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22200543535%2Fymm-d-right-2%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F22200543535%2Fymm-d-right-1%22%7D%5D&cfgv=0&pubid=8286e92c-64dc-4259-832b-bfd5ea719c01&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
ff9a6714d81bf414d94cfb0874d16444bf0cdef22092dc3323b34749c35048fe

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.yourmoneymagic.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
181
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
x-amz-cf-id
WBUVll-_2T73ws-ZJc5tHOAkgMmAsLZDQtOONcOlVOl-ShRM3HHxvQ==
collect
stats.g.doubleclick.net/j/ 		4 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-159955257-2&cid=1842538462.1629467219&jid=83268348&gjid=695237618&_gid=762062473.1629467219&_u=YEBAAEAAAAAAAC~&z=1163949521
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 20 Aug 2021 13:46:59 GMT
content-type
text/plain
access-control-allow-origin
https://www.yourmoneymagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00233858ed764eff5fff74a22bbeff3e00,0090ae6d8da1fdf55ac213843b66e19acc,001817c7b18e4991826aed6737133d61ec,00deecf3d4d0df6642a4174681a36599c2,002257411059aa8ce9e1d8ba029133d141,00b8b9a51f93ad90bb37fa0bf03311c432,00873007ed41f46b00a0aad53b8c7c5861,00c07bb2f296d1b8c50788259764f06c58,001cbf02ee98eabe184167e9650a242b4a
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
X-TraceId
f6a3cd071038a48076d592fbc7ccb98e
Content-Length
56
Content-Type
application/javascript
records
dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/ 		110 B
471 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/records
Requested by
Host: ccpa.privacymanager.io
URL: https://ccpa.privacymanager.io/1/ccpa.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-13.fra2.r.cloudfront.net
Software
/
Resource Hash
6aa1ac5a5b8d0282a7214e1c53ada2dac9941767f09a68724f96b759b0650059

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
a584f188-a616-43d9-a903-dacbf43d1e3c
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-611fb253-306e0ef1764f865d2548089b
x-amz-apigw-id
EXjNFFlroAMFvkA=
content-length
110
x-amz-cf-id
bGEzbOOHpEugwX-55XZDvSwZ58s40teSYMvRDY-9uX5PvAdofMc_7w==
records
dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/records
Protocol
H2
Server
13.225.87.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-13.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.yourmoneymagic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Fri, 20 Aug 2021 13:46:59 GMT
x-amzn-requestid
a312b182-d91c-40bc-8547-99c879f4f800
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
EXjNCG77oAMFnpw=
access-control-allow-methods
GET,OPTIONS,POST
x-cache
Miss from cloudfront
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
O_m5DYGAQUBo_lNYCFn8wPL2Tm2DrzaPYKu3daiaVHsfQamlDSvUxw==
main.89cd5bf4.js
s.pinimg.com/ct/lib/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"6deee3ea7ecc4a5d9687c1bd57018c16"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
17418
access-control-expose-headers
X-CDN
hbjson
grid.bidswitch.net/ 		2 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.yourmoneymagic.com
Date
Fri, 20 Aug 2021 13:46:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Length
2
Content-Type
application/json; charset=UTF-8
prebid
ads.yieldmo.com/exchange/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.38.0&p=%5B%7B%22placement_id%22%3A%22cde36f8d-887a-4fbf-9b93-7a25a8bebd91%22%2C%22callback_id%22%3A%225f72c3dcd46a74%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222718975315790471320%22%7D%2C%7B%22placement_id%22%3A%2233bbc582-9a92-413e-b373-3c8407346a6e%22%2C%22callback_id%22%3A%226516f78b970a82%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222718975315681419415%22%7D%5D&page_url=https%3A%2F%2Fwww.yourmoneymagic.com%2F&bust=1629467219151&pr=&scrd=1&dnt=false&description=&title=Home%20-%20Your%20Money%20Magic&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.yourmoneymagic.com
pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		19 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:46:59 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e3577241-8a09-471e-9e54-32194655989b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.yourmoneymagic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
records
gdpr-web-dau-prod.privacymanager.io/kinesis/streams/tcf-web-daily-active-users-prod/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gdpr-web-dau-prod.privacymanager.io/kinesis/streams/tcf-web-daily-active-users-prod/records
Protocol
H2
Server
13.224.196.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-58.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.yourmoneymagic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Fri, 20 Aug 2021 13:46:59 GMT
x-amzn-requestid
f340eb38-f8ca-41a9-be01-2084f753170a
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
EXjNCF1uDoEFQQw=
access-control-allow-methods
GET,OPTIONS,POST
x-cache
Miss from cloudfront
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
lTvf2GcL5XJqqLTqrdAfUxglTHQBkDA-qHL9qOBqUzrSkwzs-frDkg==
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96910f017676630c74687d572001ee&pos=8a9698750176766308366882c71001bd&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
7eb3fcbc17e537501fb619e0758d15a3cefa1acd201d6ce8fe408c26e61ef6dc

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 20 Aug 2021 13:46:59 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.yourmoneymagic.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96910f017676630c74687d572001ee&pos=8a969585017676630fef6882c4ee01fe&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
7c1156d744cbab5118215fc365b5ef20f5eb28de21a43647f181ddd3a71b6fe7

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 20 Aug 2021 13:46:59 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.yourmoneymagic.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
auction
tlx.3lift.com/header/ 		19 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.38.0&referrer=https%3A%2F%2Fwww.yourmoneymagic.com%2F&tmax=1500&gdpr=false&us_privacy=1---
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.0.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-0-40.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
x-auction-status
12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.yourmoneymagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.yourmoneymagic.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 20 Aug 2021 13:46:59 GMT
arj
decido-d.openx.net/w/1.0/ 		188 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://decido-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.yourmoneymagic.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=87dc1944-59b0-43a8-821e-032be19db19f%2C557e3dbb-f431-4023-b264-29f9d7d82128&nocache=1629467219159&gdpr=0&us_privacy=1---&aus=300x250%7C300x250%2C300x600%2C160x600&divIds=cde36f8d-887a-4fbf-9b93-7a25a8bebd91%2C33bbc582-9a92-413e-b373-3c8407346a6e&auid=543885741%2C543885737
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
e3cf33f709196b70450b8cd85e6707ff0c30052a5918227924ea322a780815a0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.yourmoneymagic.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
174
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.32.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-32-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.yourmoneymagic.com
date
Fri, 20 Aug 2021 13:46:59 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.32.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-32-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.yourmoneymagic.com
date
Fri, 20 Aug 2021 13:46:59 GMT
access-control-allow-credentials
true
vary
Origin
cygnus
htlb.casalemedia.com/ 		25 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=623463&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223078cf412e107dd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.38.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223108b8c4eac87ce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623463%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223229721ab20b4e9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623462%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2233b2c5f9261e6f2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623462%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223439609945ae6e4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623462%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223229721ab20b4e9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623462%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223229721ab20b4e9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623462%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
786d8487a0225a7fdaa27bc83ac9f2eb0c37f01e84a159fcdbc8fad3c96792d0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.109], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.yourmoneymagic.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Fri, 20 Aug 2021 13:46:59 GMT
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00233858ed764eff5fff74a22bbeff3e00,0090ae6d8da1fdf55ac213843b66e19acc,001817c7b18e4991826aed6737133d61ec,00deecf3d4d0df6642a4174681a36599c2,002257411059aa8ce9e1d8ba029133d141,00b8b9a51f93ad90bb37fa0bf03311c432,00873007ed41f46b00a0aad53b8c7c5861,00c07bb2f296d1b8c50788259764f06c58,001cbf02ee98eabe184167e9650a242b4a&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.yourmoneymagic.com%2F&optOut=false&bust=045508348902055396
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 13:46:59 GMT
Cache-Control
no-cache
X-TraceId
77771f3d0e44fefabf302580f2ba3c0f
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
records
gdpr-web-dau-prod.privacymanager.io/kinesis/streams/tcf-web-daily-active-users-prod/ 		110 B
469 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr-web-dau-prod.privacymanager.io/kinesis/streams/tcf-web-daily-active-users-prod/records
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.196.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-58.fra2.r.cloudfront.net
Software
/
Resource Hash
b4438f9701e4f8aec0eb544325c8280bb1a35a68e8e7d34c1dd2fb55b50678c3

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
95a2c418-ce59-4342-a946-659d4c26d1fd
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-611fb253-0fbccb007237d4db0e0d6517
x-amz-apigw-id
EXjNDExvDoEFdtQ=
content-length
110
x-amz-cf-id
9DrYCo5kZ7AxV1A5wjNIO7s_uPXlc_5PJ2C7Y2Xl7P68LTIIrR34aA==
244080353332890
connect.facebook.net/signals/config/ 		253 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/244080353332890?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
090ed462db1d656761af8b2ea5657f074a2b85aabe8babd5076fa726f23fc212
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
Cw04a1Wc0/Hqiy/s8rkypzCdymAoamtpdxHYq8MABn94Rc4r8JnImBkexd/C7rB/5GK5+iACTkWOlLLUK/qxlg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 20 Aug 2021 13:46:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=888252224919933&ev=PageView&dl=https%3A%2F%2Fwww.yourmoneymagic.com%2F&rl=&if=false&ts=1629467219218&sw=1600&sh=1200&ud[external_id]=false&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629467219217.1106574955&it=1629467218915&coo=false&rqm=GET
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 20 Aug 2021 13:46:59 GMT
ga-audiences
www.google.com/ads/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-159955257-2&cid=1842538462.1629467219&jid=83268348&_u=YEBAAEAAAAAAAC~&z=2040893226
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-159955257-2&cid=1842538462.1629467219&jid=83268348&_u=YEBAAEAAAAAAAC~&z=2040893226
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ 		443 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612754544471&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1629467219235
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
45eb4a06b8ac41231cacdee781d6a1175ed0dc544c3982b708305b281feaaab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.9d6656b8.1629467219.23b214d
x-envoy-upstream-service-time
13
x-pinterest-rid
4058680893595029
pin-unauth
dWlkPU5ERTFNbVl3T1dFdE0yTTBPUzAwTm1KbExUa3paamN0WkdNNVlUSmhNakJtWXpNMw
access-control-allow-origin
https://www.yourmoneymagic.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
331
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2612754544471&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1629467219236
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.9d6656b8.1629467219.23b2152
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
5
content-length
35
x-pinterest-rid
2323012572842235
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=244080353332890&ev=PageView&dl=https%3A%2F%2Fwww.yourmoneymagic.com%2F&rl=&if=false&ts=1629467219312&sw=1600&sh=1200&ud[external_id]=false&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629467219217.1106574955&it=1629467218915&coo=false&rqm=GET
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 20 Aug 2021 13:46:59 GMT
integrator.js
adservice.google.ch/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.yourmoneymagic.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.yourmoneymagic.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		104 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3805009858636596&correlator=2153549562564836&output=ldjh&impl=fifs&eid=31062030%2C31062329%2C21068030%2C31062315%2C20211866%2C31062179%2C31062297&vrg=2021081801&ptt=17&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210820&iu_parts=22200543535%2Cymm-d-right-2%2Cymm-d-right-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250%7C300x600%7C160x600&prev_scp=refreshItInt%3D0%26refreshItExt%3D0%26amznbid%3D2%26amznp%3D2%7CrefreshItInt%3D0%26refreshItExt%3D0%26amznbid%3D2%26amznp%3D2&cookie_enabled=1&bc=31&abxe=1&lmt=1629466951&dt=1629467219404&dlt=1629467218354&idt=465&frm=20&biw=1600&bih=1200&oid=3&adxs=1130%2C1130&adys=128%2C1577&adks=2066978376%2C671781005&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.yourmoneymagic.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x13%7C300x13&msz=300x0%7C300x0&ga_vid=1842538462.1629467219&ga_sid=1629467219&ga_hid=1417853992&ga_fc=false&fws=4%2C4&ohw=1600%2C1600&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ae678694f5923e485b37da28f27136bb7a1fbd49fac1e47ea22e895607674172
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOvqbbev_ICFaDnuwgd2iIDrA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13747390349531621716/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOvqbbev_ICFaDnuwgd2iIDrA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13747390349531621716/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34861
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
date
Fri, 20 Aug 2021 13:46:59 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.yourmoneymagic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 50D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yourmoneymagic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourmoneymagic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 20 Aug 2021 13:46:59 GMT
expires
Sat, 20 Aug 2022 13:46:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ct.pinterest.com/md/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.9d6656b8.1629467219.23b22d0
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
0
x-pinterest-rid
8243926926866699
expires
Sat, 01 Jan 2000 00:00:00 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame E26F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
324 B
984 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
44848ac40beaedbc356f81cf3864040c06808af8cf02eac9012274e69b4ef8bb

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.yourmoneymagic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourmoneymagic.com/

Response headers

Server
Server
Date
Fri, 20 Aug 2021 13:46:59 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
247
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 13:46:59 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 13:46:59 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Fri, 20 Aug 2021 13:46:59 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Set-Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 13:46:59 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=888252224919933&ev=Microdata&dl=https%3A%2F%2Fwww.yourmoneymagic.com%2F&rl=&if=false&ts=1629467219720&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20-%20Your%20Money%20Magic%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Home%20-%20Your%20Money%20Magic%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%22%2C%22og%3Asite_name%22%3A%22Your%20Money%20Magic%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40graph%22%3A%5B%7B%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%23website%22%2C%22url%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%22%2C%22name%22%3A%22Your%20Money%20Magic%22%2C%22inLanguage%22%3A%22en-US%22%2C%22potentialAction%22%3A%5B%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%3Fs%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%5D%7D%2C%7B%22%40type%22%3A%22WebPage%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%23webpage%22%2C%22url%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%22%2C%22name%22%3A%22Home%20-%20Your%20Money%20Magic%22%2C%22isPartOf%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%23website%22%7D%2C%22inLanguage%22%3A%22en-US%22%2C%22datePublished%22%3A%222019-05-08T20%3A27%3A04%2B00%3A00%22%2C%22dateModified%22%3A%222019-05-08T20%3A27%3A04%2B00%3A00%22%2C%22potentialAction%22%3A%5B%7B%22%40type%22%3A%22ReadAction%22%2C%22target%22%3A%5B%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%22%5D%7D%5D%7D%5D%7D%5D&sw=1600&sh=1200&ud[external_id]=false&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629467219217.1106574955&it=1629467218915&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 20 Aug 2021 13:46:59 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 7462 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
76dea9c74e06fec4adc18bac3af908d1f3a9b8bd9702621b8743bfab6b62bdac

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Fri, 20 Aug 2021 13:46:59 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
usersync
rtb.gumgum.com/ Frame 7462
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=132117834
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=132117834
  • https://sync.1rx.io/usersync/tradedesk/576973cc-bcc9-4bf3-bc1f-2fb16b720e7d
  • https://sync.targeting.unrulymedia.com/csync/RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-011d74f0-b101-44ba-95d7-b542f99b9e19-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003
date
Fri, 20 Aug 2021 13:47:03 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX011d74f0b10144ba95d7b542f99b9e19003
content-type
text/html
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7462
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=266dfbd2e762d03262f7
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=266dfbd2e762d03262f7
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:00 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 20 Aug 2021 13:46:59 GMT
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=266dfbd2e762d03262f7
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ZxQIsJ_d--YXncf_cd_AxqSRzsuch1imEWBJet0AX7th6Ox5AaBMFA==
um
cs.emxdgt.com/ Frame 7462 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:00 GMT
content-length
0
content-type
text/html
amzns2s
rtb.gumgum.com/usync/ Frame C902 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d72c80447b30a4ed1899420300a87a9f271abeef1329bed69ac716353a1182f2

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_59353d24-2bcd-40a1-a45c-9278854538b0; Domain=.gumgum.com; Expires=Sat, 20-Aug-2022 13:46:59 GMT; Path=/; Secure; SameSite=None
etag
W/"0e52c8aa30d2368daa1d529a0106fc820"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame DE50 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84c754db56f348cba0f151f0dae4180106bb2aba38e67ed3d0b99457a1bc54df

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YR.yU3uZqQTsMy.dvaeS5gAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|111|196|176|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1687
Expires
Fri, 20 Aug 2021 13:46:59 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 20 Aug 2021 13:46:59 GMT
Connection
keep-alive
Set-Cookie
CMID=YR.yU3uZqQTsMy.dvaeS5gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 20 Aug 2022 13:46:59 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Nov 2021 13:46:59 GMT CMPRO=1199;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Nov 2021 13:46:59 GMT CMST=YR+yU2EfslMA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 21 Aug 2021 13:46:59 GMT CMRUM3=2d611fb25305a0&27611fb2530b40&f1611fb25305a0&c4611fb25305a0&2f611fb25305a0&6f611fb25305a0&b0611fb25305a00&e6611fb2532760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 20 Aug 2022 13:46:59 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3C74
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bdevice_id%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=b3e55d71-749e-4e9e-942b-4c720f389c78
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=b3e55d71-749e-4e9e-942b-4c720f389c78
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Fri, 20 Aug 2021 13:46:59 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

set-cookie
viewer_token=b3e55d71-749e-4e9e-942b-4c720f389c78; path=/; domain=csync.loopme.me; Expires=Mon, 20-Sep-2021 13:46:59 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=b3e55d71-749e-4e9e-942b-4c720f389c78
content-length
0
date
Fri, 20 Aug 2021 13:46:59 GMT
server
_
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CAFC
Redirect Chain
  • https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=128ec410fb40a005b7628f3dcf5f4c012252cf21
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=128ec410fb40a005b7628f3dcf5f4c012252cf21
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Fri, 20 Aug 2021 13:47:00 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx
Date
Fri, 20 Aug 2021 13:47:00 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
admtr=128ec410fb40a005b7628f3dcf5f4c012252cf21; path=/; domain=.admanmedia.com; expires=Sat, 20 Aug 2022 13:47:00 GMT; max-age=31536000 ;SameSite=None; Secure
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=128ec410fb40a005b7628f3dcf5f4c012252cf21
cm
u.openx.net/w/1.0/ Frame 4458 		628 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
0148e955211fca65d7822833507e26851300dfe0225aec5e4e1ce46ae34643f5

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=91ac0111-fe5d-026c-3ab8-cddebf34a3f9|1629467219
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=91ac0111-fe5d-026c-3ab8-cddebf34a3f9|1629467219; Version=1; Expires=Sat, 20-Aug-2022 13:46:59 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629467219|gen0vNiygu; Version=1; Expires=Sat, 04-Sep-2021 13:46:59 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 20 Aug 2021 13:46:59 GMT
content-type
text/html
content-length
394
content-encoding
gzip
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4969
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=5283497149401273924&ex=districtm
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=5283497149401273924&ex=districtm
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Fri, 20 Aug 2021 13:47:00 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Fri, 20 Aug 2021 13:47:00 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=5283497149401273924&ex=districtm
AN-X-Request-Uuid
add94009-aaf8-47f6-97b4-38b0571dfd6f
Set-Cookie
uuid2=5283497149401273924; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 18-Nov-2021 13:47:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
current
amazon-tam-match.dotomi.com/match/bounce/ Frame AD53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Fri, 20 Aug 2021 13:46:59 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6F49
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=7480057154891148900
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=7480057154891148900
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Fri, 20 Aug 2021 13:46:59 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=7480057154891148900; Domain=.turn.com; Expires=Wed, 16-Feb-2022 13:46:59 GMT; Path=/; Secure; SameSite=None
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=7480057154891148900
content-length
0
date
Fri, 20 Aug 2021 13:46:58 GMT
tamptsync
sync-amz.ads.yieldmo.com/ Frame 36F0 		243 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6c00:0:70b1:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d71b96113bfea93a005f73ca28b4030777dde659a2ab342562547ecae1ed2522

Request headers

:method
GET
:authority
sync-amz.ads.yieldmo.com
:scheme
https
:path
/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
application/xml
date
Fri, 20 Aug 2021 13:46:59 GMT
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Eg5dnINwLQF-vumLHDFSTyp7OTJZRvDHc5P0lcE7Kv6qTJ4CbULwgQ==
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B2AB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-2KKDSk11l2Nb1Mu5ghJfVA0cL6pKVJA-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-2KKDSk11l2Nb1Mu5ghJfVA0cL6pKVJA-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Fri, 20 Aug 2021 13:46:59 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Fri, 20 Aug 2021 13:46:59 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1zxp;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Sun, 21-Aug-2022 13:46:59 GMT;Secure;SameSite=None A3=d=AQABBFOyH2ECEPsIoQKowWFpD424m34a2WwFEgEBAQEDIWEpYQAAAAAA_eMAAA&S=AQAAArVhi8TIW5MHjwGhk9SZUwA; Expires=Sat, 20 Aug 2022 19:46:59 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=6pm8qfpghvcij&b=3&s=92; Expires=Sat, 20 Aug 2022 19:46:59 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-2KKDSk11l2Nb1Mu5ghJfVA0cL6pKVJA-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.138
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A3A5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7504711043088332144&ex=appnexus.com
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7504711043088332144&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Fri, 20 Aug 2021 13:47:00 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Fri, 20 Aug 2021 13:46:59 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7504711043088332144&ex=appnexus.com
AN-X-Request-Uuid
0db70abb-0505-481e-84ad-229a1ef8053a
Set-Cookie
uuid2=7504711043088332144; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 18-Nov-2021 13:46:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
Cookie set amazon
ap.lijit.com/beacon/ Frame BDE2
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
508979db5867dd8600a1dc8ee0deec843a9450e938e3f3ef2670c46db3565130

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=a4adcd079e8cb117de44d735
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Fri, 20 Aug 2021 13:46:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVjKxVLIyNDM2MDM3szC01FGyMEblGxqg8i3R%2BCYo6msBnqYQcw%3D%3D;Path=/;Domain=.lijit.com;Expires=Sat, 20-Aug-2022 13:46:59 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=a4adcd079e8cb117de44d735;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap2ams1

Redirect headers

Server
nginx
Date
Fri, 20 Aug 2021 13:46:59 GMT
Content-Length
0
Set-Cookie
ljt_reader=a4adcd079e8cb117de44d735;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6BDB
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=8464313354178260756
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=8464313354178260756
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_n-LoopMe_rx_n-acuityads_ox-db5_dm_cnv_n-amobee_n-smaato_ym_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2KcCD8iWURWoeiaaCtUjoI; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Fri, 20 Aug 2021 13:47:00 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Fri, 20 Aug 2021 13:46:59 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=8464313354178260756
set-cookie
tluid=8464313354178260756; Max-Age=7776000; Expires=Thu, 18 Nov 2021 13:46:59 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=244080353332890&ev=Microdata&dl=https%3A%2F%2Fwww.yourmoneymagic.com%2F&rl=&if=false&ts=1629467219815&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20-%20Your%20Money%20Magic%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Home%20-%20Your%20Money%20Magic%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%22%2C%22og%3Asite_name%22%3A%22Your%20Money%20Magic%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40graph%22%3A%5B%7B%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%23website%22%2C%22url%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%22%2C%22name%22%3A%22Your%20Money%20Magic%22%2C%22inLanguage%22%3A%22en-US%22%2C%22potentialAction%22%3A%5B%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%3Fs%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%5D%7D%2C%7B%22%40type%22%3A%22WebPage%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%23webpage%22%2C%22url%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%22%2C%22name%22%3A%22Home%20-%20Your%20Money%20Magic%22%2C%22isPartOf%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%23website%22%7D%2C%22inLanguage%22%3A%22en-US%22%2C%22datePublished%22%3A%222019-05-08T20%3A27%3A04%2B00%3A00%22%2C%22dateModified%22%3A%222019-05-08T20%3A27%3A04%2B00%3A00%22%2C%22potentialAction%22%3A%5B%7B%22%40type%22%3A%22ReadAction%22%2C%22target%22%3A%5B%22https%3A%2F%2Fwww.yourmoneymagic.com%2F%22%5D%7D%5D%7D%5D%7D%5D&sw=1600&sh=1200&ud[external_id]=false&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629467219217.1106574955&it=1629467218915&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 20 Aug 2021 13:46:59 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4458 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=1ad64235-4b70-8661-a060-87a1b3205be4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:46:59 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4458
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=AJLxtlSR9eMbx_LiUsHtsVOX9-EblfXnUMBSCqGl
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=AJLxtlSR9eMbx_LiUsHtsVOX9-EblfXnUMBSCqGl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=AJLxtlSR9eMbx_LiUsHtsVOX9-EblfXnUMBSCqGl
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4458
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8899411281475281671
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=8899411281475281671
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=8899411281475281671
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=8899411281475281671
date
Fri, 20 Aug 2021 13:47:01 GMT
via
1.1 google
server
OXGW/16.214.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
openx
match.adsrvr.org/track/cmf/ Frame 4458 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=42003e48-57da-3d9b-606e-0536db139004&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4458
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmU2ZmVkODItOWVhZC02MzNmLTc1OGUtNWY4ZjExZjE1ZTY0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmU2ZmVkODItOWVhZC02MzNmLTc1OGUtNWY4ZjExZjE1ZTY0&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmU2ZmVkODItOWVhZC02MzNmLTc1OGUtNWY4ZjExZjE1ZTY0&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmU2ZmVkODItOWVhZC02MzNmLTc1OGUtNWY4ZjExZjE1ZTY0&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4458
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP7jqto3HtwOtS4O_ED6dZA&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEP7jqto3HtwOtS4O_ED6dZA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEP7jqto3HtwOtS4O_ED6dZA&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEP7jqto3HtwOtS4O_ED6dZA&google_cver=1
date
Fri, 20 Aug 2021 13:47:01 GMT
via
1.1 google
server
OXGW/16.214.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
container.html
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 349B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yourmoneymagic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourmoneymagic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 20 Aug 2021 13:46:59 GMT
expires
Sat, 20 Aug 2022 13:46:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tp2
trk.decido.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trk.decido.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Server
34.95.123.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
0.123.95.34.bc.googleusercontent.com
Software
akka-http/10.0.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.yourmoneymagic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.yourmoneymagic.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
server
akka-http/10.0.9
date
Fri, 20 Aug 2021 13:46:59 GMT
content-length
0
via
1.1 google
alt-svc
clear
tp2
trk.decido.io/com.snowplowanalytics.snowplow/ 		2 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trk.decido.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.123.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
0.123.95.34.bc.googleusercontent.com
Software
akka-http/10.0.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 20 Aug 2021 13:47:00 GMT
via
1.1 google
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.yourmoneymagic.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286089745720"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27752
x-xss-protection
0
expires
Fri, 20 Aug 2021 13:46:59 GMT
container.html
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C9F8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yourmoneymagic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourmoneymagic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 20 Aug 2021 13:46:59 GMT
expires
Sat, 20 Aug 2022 13:46:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 28E3 		499 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYu6SKrgEwAQ&v=APEucNWF1xvV0D344mL_YuQ--2NJBDsB_yJ1zPvw4-Tqz2iu_N2-RLG6g8WlmPBjwFU2D5CpxB2Xg6gugCxrne3e11O7E0rZEyL_JOIhqdlAC1nzwwcl_pw
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLOokgEQt6j7zAIYu6SKrgEwAQ&v=APEucNWF1xvV0D344mL_YuQ--2NJBDsB_yJ1zPvw4-Tqz2iu_N2-RLG6g8WlmPBjwFU2D5CpxB2Xg6gugCxrne3e11O7E0rZEyL_JOIhqdlAC1nzwwcl_pw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 20 Aug 2021 13:46:59 GMT
server
cafe
cache-control
private
content-length
237
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnk3H0EG6kl9RvMzBloQLeLWrs50HS0H0Q-oSh1LZKxstVM6eKMhI7Hj0ou; expires=Wed, 14-Sep-2022 13:46:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 13:46:59 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 349B 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3Q5wX7GXNm6K6a2dIZj0ffjyIV02O0krvBwHVdOc-4X_AjBvZ3VNZIZeezJF-KP558ObxJR6-fWbQI4ssFRnvSfzO2KiDlTXgadnMv2ckjrB74YXSbAB7zn9SkQWClsq2dIy-6j-WTuZfBE5SX9no-7IeJw&dbm_d=AKAmf-DCTXS1ET5a1Oc1JEJB1hBI-XkMWotw9L2GTw72Mc-lV6cfV-WLen416L1gbju6I37-PaqPW9yp_z9e60x8wgBG1K2NeAd6MqCXzQo1t94kVtb7aF8VBwQiT0FI_pBtWqpBCjeSpWyL0UPclD5bc7s-2TWKL7QvzqOwTlzlkRQqYkqak-v2RlVQdgHlrq5uWhUudZBbOaITI-MS84295hdpTG7exXaqY3TNms8BySqsM98uyt_MiJ0yV7h-1Jw05cr6EsYwfZAeo62qP7jP6p76QHvYgAe76gprSmhBtocoNEpSzFcgTVAuEqoJ2rdgBiZwBgDCz2e66r9kx4Tr44h8Y8DebgRnChuedE1H5iGKsO6glIVbxOaqAYewrwK7gRy8dwLCDz9bMxNicvBETSj47LTeHgEjF5xZBv-oMDOt34tadBm5R0ZWqd_FSVX94ozYHX1FHcYQVsD-Jm0Pz8NWByERaZ0BFJw2htbbsz8NlEWgVzw0tG-XhOhBJf0fxcPc-zHSFE4gxSy700YdoCxIdSWwo6qiaeIlhPIxhHR8v4MMK_FSZnHdIxf_WE7ANsTKcopZyCqhHA2MPSOULuvdGP4OUEHKDYJeahmioM0U8Mbbc0CcxlcQy8-BVF3xLzQ8zietwVLunCWju3YKJ-o4aTcTY6-tIHaHCwoy1P_hKQgKZTQL8ioDjz4LO0vKdsVjj5OQczffHACPzGx2tHheh7JErUsYILep1ecBGmu3Fr45pqhWqLl9f7djI_Bs-EM5snYInGnTiX00wGXoyURNn3ZgLuidYDirGxd_3NjBgBtXY4Xmq7_LooFs4UvA9yE6pB24sl0lkLc2bWoqK0LgeRxiwzdLf3LepLHub67GnxvWyQm2n2XWdGX2JnsAxjHbIyb4urNKe2OokU59ZyAKacW4M64GvSCtE-7MJwAv0-ata0s5tpL_OfaCO0Bf76pNUGYvCDMHR2mt2mfO9i99MaC2FrbLEJCD8UixgbQ_myZCbsEJeDjDry1jwWi8aRI8_Q_rvMsEMA1QlEwXMFSRCgXqNu-qoPVqbePaGLoETLs3CcKQRFe3vUKGWokK0T6XrdnXGa9GBYQdx0yIlfeb6QHoOe8-nKqP_RcBjRGDX1Fcy4E9HFanetLT-TKMVULBWr2qK9TDb5TdWWA2ICI1hfgLxc-i_gLRzCJVk-8ntz66kBH8mFViZWqoIYQ56buL7qDAbKjUasmAQlg1GZ0dsmm_M1EpOhhYWORXy8x1v9smGg_X-L2d0LB5o8P_Dxl1-gkcFIDmHwDZF_PvxyPdxeiLg91wJAcj8fTeCOrKofclAeDXMCxrhOUlaC0vdmbJ4YUedoiMqqLH28nh-vaUs9JOLlEHUGfohap2uT9QoSPR90QDFQ9_j2l7S0e2eZ_adIoNqyHhra61TmFr62BtBQijYBbf00Bu25n0MyihD18F4B-CZDmeL2KnhDP8MIt5XrKOzCfhMkFzEC7WMWrbaTt-7wuL9nDwS6e_NYUmBDT8etPuJkzoM9nv13Q6dPauc2tW7Crxih6YytJKfo2lQZSvSSgKc_6WzLZFaQL8KhyYuimBFCkO24UDAhu7tHm-SnMh4I6e6vu5ryKiax4UQ4_l_bB_Au0rz1NcSP2t4fh4n7DLKvNPf5nItCAHzxOSJRumYJuu4VrHNEOMDzy8RCYz0HxjJmWM_NvwltftjFknEJhKyJ0YeiN28QOEpcweMOb-7e3MH_edDOt21y8nZDn-zQ24PZ3USpr1JwPxXJOH7_WpXRjNwlWZJGmPIacOwnagziZ7kVtMnYuWKwmhl2BAUT8Vas9nWAnwbW2011VR9vH-Z6w1BvmzWPX5Wi3QshGXIRFbY_J58FkljWk1DKejj_jH_lb9ZGv50MxH66H_YrpDBnW8EwtMbluCiaDgMXQthafsO1SZ6PhNWFw1XZdTaJItmFKcWkJrVz9xw8uQpQjdF66pGVFq1wPWwcJAxPeH5_mWmsKN0DiEAT6E5ro3dvaU-XQWKHh8IkG1f6DvOVfo58ZnxBwMgkc4IvRRi1ZoNwwdtt3RT2xPOOdzSvUyxCytGRj3Nibin1P1Ojfm8den7iUkdAxvvT0GtQhjfdugQxabDWHwjjnRJFpt05JLHKDJ6PDsdVOH1YL_JHlUv5rlvv12SIeBI2NN5Ica99wSRn9G_rMOK-km9tZvsyYTUybX1LL4apT2veaF19n1R3FbHYeig73XbW2jk-myBC52TQF0Sf47QNJt5qLoMfehPDpvLIla1GkPrNubXf_iPqNdZEp5afSUszUW4-2vFJm7Jpfu3cIxCf-89ljeVWEbOpPcEBk2tfmPRPfko8UOKMkv1LHGOmexSJt0rUAgVH7P11LgLqj3pS02UwyB3UPyNoHIRKPWd-IC8PCMIuY8cB-WJGkmlMDpk9bWmYVlGhLRBXAAZ-kwNpKZ5MNq_QV1Rg7AsyCNIHe6bHl6v73vskIi7OhmxoJ3D7R7OvxGf4LS3GHmmZTj7WNBxXofMjpcA1wXcdqaDmJXs9bcJurmVPBF2NCJVTJy5C9j5zgOaf_iIvwF5dllsdGv8wbfS4ziIV-hx1CuMbEcPl2UagiIQCDyKsmv3SyxT5FExyZ-1RrZLvzSBAD0Lrpq44OMWR_9aREBbJDFGOe8s7H5qqSySD4mWBEGtvLzw1J8nh3h1IHp99jArgr1cTB8b3016WzbpkK9-PtuNYDq_r-r43ia3lUj98tHwDtx5Z16DULfDlsAZWVCosxsVuRU8Sw4BvWjBQ738F1opal25t2l9IPDk1rp__MtROj_iGv9H3RD7mh_5K_1kbViNFGtqZXpJbTIFWh66X4eowgkE5D_47OyeQaJWi79qKAQabXrnPboUrYLMm2FcOQm3dD4pvFOv1Sl71WrRuVkggpckvuVw7bEaVt8xJUNyk4jQeFZqmwyvW0X-61WJrGF6zQXJGlkP3AmPJO2fQX9HqZV8j2LhehJRDrjMkogEhFSXVV1zut4IsVfKAjKp9C_Fea-YSodd_5eyHDTS1uORN83deC7cDJ-ulRuU8bKcqi-3zGxV6bwyU-9p9gOZws-ud8GLYC_qGRnbiffGozJAMDlxaVyN9tu50zDXzG-s9WrXWX7Wbjk6ZXbgdQeJApgK50mHP1oJHiXp4CwZn_Ia2lrziRIRFtQQ9s&cid=CAASFeRozSgIm7vDpkhklTN7yVGDPJtwsg&rfl=1%2Chttps%253A%252F%252Fwww.yourmoneymagic.com%252F%240
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e1925a4d5b7b53f708980705003d161d5e9897e462d954f8ef9a17868d27333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28425
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 349B 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D2hvX9NLcLT7Yz79aoIOwDDgqOC-PF3XjYPcpF2Buk8oJuxKhZrl7DCGNo6D6LgFVs4Ooar3t_Yxw9AddRnQjm6cXFIwFG4BUhHmsSaXxku7A41qQ
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:46:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 349B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 13:43:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 349B 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286078051219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Fri, 20 Aug 2021 13:46:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 349B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 13:46:18 GMT
l
www.google.com/ads/measurement/ Frame 349B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbBGi0OXgrW_AQGe76jAG_H65KZXsaU5xFKfj1Ia7Fa4taaD-f_hnvrzkF2FWqvIHU9RLRo2IJLNTBL65hu6kRXQzHdA
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/ Frame A489 		24 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed9ab377316d9cc80f3f365ae55f31d2083823b9866c2604f79844266ad668cc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/13747390349531621716/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 17 Aug 2021 04:43:07 GMT
expires
Wed, 17 Aug 2022 04:43:07 GMT
last-modified
Wed, 04 Aug 2021 09:07:24 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
18356
age
291832
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame C9F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkNOkU7IfYaO6HaDP7_UP2sWM4ArN2MTSZJm5-Ob2DfD9xaGRDhABINjE-H9g9ZXOgeAEoAGT6t7XA8gBCakCDqjL0mBHsj7gAgCoAwHIAwiqBOUBT9CT_HBYbVb27xcF1Hxn4yXmGF0uV8yybM_H3rHoA-m_bd-vDjDsYAM0dQaCz12cefBvd2yISOddvvVVok73l3cp6j0Ynu4hE_iost4_KXUdAxNisHEr2yJ9HOoU1NKW93KooHSvF8gqKqqITeP3GM0CdJfSEo50Y2IoO5xOMKFUXmHTiLYVgiSD51CMg9h9syLoS9ABs57zLy6MyEl1sHQphtu15vWWR5Lx6eRK8NRPQhuuHgtRMyFB36mqH46PKE7ncT7NzBI-HsGTTn2muO24iB45N4CoIz5NLNimkCA00D88z8AEybLUyMsD4AQBkgUECAQYAZIFBAgFGASgBi6AB9WVoSioB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQiOob0ggHCIhhEAEYHYAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi00NTc2OTg5MDE5NDE3MDg2GIf0dw&sigh=WlOzb96_3Vo&template_id=419
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame C9F8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 13:41:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame C9F8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 13:43:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C9F8 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629286078051219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38195
x-xss-protection
0
expires
Fri, 20 Aug 2021 13:46:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame C9F8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 13:46:18 GMT
casale
match.adsrvr.org/track/cmf/ Frame DE50 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YR.yU3uZqQTsMy.dvaeS5gAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame DE50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YR-yU3uZqQTsMy-dvaeS5gAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMkws5oN7tTxT8pMSREvIfY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMkws5oN7tTxT8pMSREvIfY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMkws5oN7tTxT8pMSREvIfY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DE50
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YR.yU3uZqQTsMy.dvaeS5gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:01 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
325
Expires
Fri, 20 Aug 2021 13:47:01 GMT
dcm
s.amazon-adsystem.com/ Frame DE50 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR-yU3uZqQTsMy-dvaeS5gAABK8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JWS0MWWJ89MP381GHSBB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DE50
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8232637830751059744&expiration=1630676820
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8232637830751059744&expiration=1630676820
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8232637830751059744&expiration=1630676820
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame DE50
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030002_611fb254149c7&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_611fb254149c7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_611fb254149c7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:00 GMT

Redirect headers

date
Fri, 20 Aug 2021 13:47:00 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030002_611fb254149c7
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
113
match.deepintent.com/usersync/ Frame DE50 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
content-length
0
server
a
crum
dsum-sec.casalemedia.com/ Frame DE50
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h24B1z8d1Mh4Rp5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h24B1z8d1Mh4Rp5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:03 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-07ed93884cf47b6e0@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h24B1z8d1Mh4Rp5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DE50 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YR-yU3uZqQTsMy-dvaeS5gAABK8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:00 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7504711043088332144
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7504711043088332144
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:05 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:05 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d3c4073a-089d-4f60-80f0-164b55588ee0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7504711043088332144
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_59353d24-2bcd-40a1-a45c-9278854538b0&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_59353d24-2bcd-40a1-a45c-9278854538b0&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=509a5418-efcc-4f85-8083-8f2a9f7b99e9&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=ecb857ac-eb21-4450-a91f-17f6b60e2094
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=ecb857ac-eb21-4450-a91f-17f6b60e2094
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=ecb857ac-eb21-4450-a91f-17f6b60e2094
date
Fri, 20 Aug 2021 13:47:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-450de8ce-5b27-4d1a-5b0b-ab5e1173e9d2$ip$185.156.175.109
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-450de8ce-5b27-4d1a-5b0b-ab5e1173e9d2$ip$185.156.175.109
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-450de8ce-5b27-4d1a-5b0b-ab5e1173e9d2$ip$185.156.175.109
Date
Fri, 20 Aug 2021 13:47:07 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_59353d24-2bcd-40a1-a45c-9278854538b0&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003
sync.targeting.unrulymedia.com/csync/ Frame C902
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=630537724
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=630537724
  • https://sync.1rx.io/usersync/tradedesk/576973cc-bcc9-4bf3-bc1f-2fb16b720e7d
  • https://sync.targeting.unrulymedia.com/csync/RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:03 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-011d74f0-b101-44ba-95d7-b542f99b9e19-003
pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=nV1pUmXC9TC7&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=nV1pUmXC9TC7&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=nV1pUmXC9TC7&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-84459f4bbf-p4g9z
expires
-1
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28jGjK-WPYLm_hKAeX0F2Uo63Dn6iZmpaBvlVFGqAf39WVtA1nA78prLMx4Csz-sip%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28jGjK-WPYLm_hKAeX0F2Uo63Dn6iZmpaBvlVFGqAf39WVtA1nA78prLMx4Csz-sip%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28jGjK-WPYLm_hKAeX0F2Uo63Dn6iZmpaBvlVFGqAf39WVtA1nA78prLMx4Csz-sip%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28jGjK-WPYLm_hKAeX0F2Uo63Dn6iZmpaBvlVFGqAf39WVtA1nA78prLMx4Csz-sip%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28jGjK-WPYLm_hKAeX0F2Uo63Dn6iZmpaBvlVFGqAf39WVtA1nA78prLMx4Csz-sip%29
Date
Fri, 20 Aug 2021 13:47:07 GMT
Connection
close
X-TraceId
d8f5aae544f4c7c48bda7d5c2479e298
Content-Length
0
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=b53d9a38-7fcf-05cd-0715-15db13439142
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=b53d9a38-7fcf-05cd-0715-15db13439142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 20 Aug 2021 13:47:00 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=b53d9a38-7fcf-05cd-0715-15db13439142
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-TqJUZ6FE2peD2Wk7nkOKIP598NeO5t.qDb2e~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-TqJUZ6FE2peD2Wk7nkOKIP598NeO5t.qDb2e~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 20 Aug 2021 13:47:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-TqJUZ6FE2peD2Wk7nkOKIP598NeO5t.qDb2e~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=188c09dd-01bd-11ec-b26e-c9d3dcad15c2
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=188c09dd-01bd-11ec-b26e-c9d3dcad15c2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=188c09dd-01bd-11ec-b26e-c9d3dcad15c2
Date
Fri, 20 Aug 2021 13:47:01 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
188c09de-01bd-11ec-b26e-c9d3dcad15c2
services
sync.technoratimedia.com/ Frame C902 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
816817244
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame C902 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:46:59 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=703940ce-e908-4cf8-b742-9e0924c1540e
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=703940ce-e908-4cf8-b742-9e0924c1540e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=703940ce-e908-4cf8-b742-9e0924c1540e
date
Fri, 20 Aug 2021 13:47:07 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame C902
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=7005587531150482270&gdpr=1&gdpr_consent=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=7005587531150482270&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=7005587531150482270&gdpr=1&gdpr_consent=
date
Fri, 20 Aug 2021 13:46:59 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C902 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_59353d24-2bcd-40a1-a45c-9278854538b0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:00 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F144 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=134178
expires
Sun, 22 Aug 2021 03:03:25 GMT
date
Fri, 20 Aug 2021 13:47:07 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 809F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=576973cc-bcc9-4bf3-bc1f-2fb16b720e7d&t=1632059220
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=576973cc-bcc9-4bf3-bc1f-2fb16b720e7d&t=1632059220
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=576973cc-bcc9-4bf3-bc1f-2fb16b720e7d&t=1632059220
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_59353d24-2bcd-40a1-a45c-9278854538b0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 20 Aug 2021 13:47:00 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Fri, 20 Aug 2021 13:47:00 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=576973cc-bcc9-4bf3-bc1f-2fb16b720e7d&t=1632059220
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=576973cc-bcc9-4bf3-bc1f-2fb16b720e7d; domain=.adsrvr.org; expires=Sat, 20-Aug-2022 13:47:00 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwjg6q7x9vrxORAFOAE.; domain=.adsrvr.org; expires=Sat, 20-Aug-2022 13:47:00 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 00AD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KSKEPLSR-11-O3N; audit=1|uGiMNKgBE5jXa8Ybn2WPiksbnABkgDEHZa0CbQ7H/khzGKu6Ep0WnpdoDkcW3l8tJD4t77gOdTdCqQ3+tQhlLHMDvubSxZCG6XkpxWjLVqA2lbIZpOyshevdGJvCae5zoxw3IrM1QdF01qAbJMnMkb36B19O7vOZ3sp+uxZOeRk6MWqnocaYWw==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 Aug 2021 13:47:00 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Fri, 20 Aug 2021 13:47:00 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame BB52
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=c92b611f-b256-4b00-b2ff-fee343ce8fa3&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=c92b611f-b256-4b00-b2ff-fee343ce8fa3&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=c92b611f-b256-4b00-b2ff-fee343ce8fa3&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 20 Aug 2021 13:47:02 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Fri, 20 Aug 2021 13:49:43 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3853 9552a83 master cdg-pixel-x30
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=c92b611f-b256-4b00-b2ff-fee343ce8fa3; domain=.mathtag.com; path=/; expires=Sat, 17-Sep-2022 13:47:02 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=c92b611f-b256-4b00-b2ff-fee343ce8fa3&gdpr=&gdpr_consent=
Expires
Fri, 20 Aug 2021 13:49:42 GMT
usersync
rtb.gumgum.com/ Frame F9A6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YR_yVQADp3vN0ABg
  • https://rtb.gumgum.com/usersync?b=atm&i=YR_yVQADp3vN0ABg&gdpr=&gdpr_consent=&_test=YR_yVQADp3vN0ABg
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YR_yVQADp3vN0ABg&gdpr=&gdpr_consent=&_test=YR_yVQADp3vN0ABg
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YR_yVQADp3vN0ABg&gdpr=&gdpr_consent=&_test=YR_yVQADp3vN0ABg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 20 Aug 2021 13:47:01 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YR_yVQADp3vN0ABg&gdpr=&gdpr_consent=&_test=YR_yVQADp3vN0ABg
accept-ranges
bytes
date
Fri, 20 Aug 2021 13:47:01 GMT
via
1.1 varnish
x-served-by
cache-fra19175-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1629467222.649522,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0162 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTM1M2QyNC0yYmNkLTQwYTEtYTQ1Yy05Mjc4ODU0NTM4YjA=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV81OTM1M2QyNC0yYmNkLTQwYTEtYTQ1Yy05Mjc4ODU0NTM4YjA=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkd3f2yAbr5bWxzG0ODghiW6iSX3zAF2v5kUpY_5fIGwUxM6y4lC9ZHreBToL0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Fri, 20 Aug 2021 13:47:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ssc-cms.33across.com/ps/ Frame ADF2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.24 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-110.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2020008
server
33XP005
date
Fri, 20 Aug 2021 13:47:02 GMT
um
cs.emxdgt.com/ Frame FCC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Fri, 20 Aug 2021 13:47:00 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 0683
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YR.yW8Co8XsAAIQrgmQAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YR.yW8Co8XsAAIQrgmQAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YR.yW8Co8XsAAIQrgmQAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 20 Aug 2021 13:47:08 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Fri, 20 Aug 2021 13:47:08 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YR.yW8Co8XsAAIQrgmQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YR.yW8Co8XsAAIQrgmQAAAAA; path=/; expires=Sun, 20-Aug-23 13:47:07 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
349
X-SO-HostName
m-ad21.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":4,"gdpr":false,"ipv4":"185.156.175.109","key":"YR.yW8Co8XsAAIQrgmQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad21"}
X-SO-Key
YR.yW8Co8XsAAIQrgmQAAAAA
X-SO-IP
185.156.175.109
X-SO-Cluster-ID
4
X-SO-Upstream-ID
m-ad21
usersync
rtb.gumgum.com/ Frame 74BB
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1870471597561447063
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1870471597561447063
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1870471597561447063
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 20 Aug 2021 13:47:07 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Fri, 20 Aug 2021 13:47:07 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmRpYmZuZGRubGkJAKwjC5IQAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 14 Sep 2022 13:47:07 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDc1MzQxMTcwMxbiM9QNLLLMMs02CHEyKU-V4jU0M7I0MTM3MjI3trQAAJaY-Rs0AAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 14 Sep 2022 13:47:07 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDc1MzQxMTcwMxbiM9QNLLLMMs02CHEyKU8FAKQMoyYlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1870471597561447063
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 1EC2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=fOGQvmY7V4s8jUGSzZtp&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=fOGQvmY7V4s8jUGSzZtp&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=fOGQvmY7V4s8jUGSzZtp&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 20 Aug 2021 13:47:07 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Fri, 20 Aug 2021 13:47:07 GMT Fri, 20 Aug 2021 13:47:07 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=fOGQvmY7V4s8jUGSzZtp&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame BDE2 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=a4adcd079e8cb117de44d735&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:00 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame BDE2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=l99qVsPcbgOMimkCxYx2UcTabAGM2G4Hx43zSTwp
43 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=l99qVsPcbgOMimkCxYx2UcTabAGM2G4Hx43zSTwp
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:01 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=l99qVsPcbgOMimkCxYx2UcTabAGM2G4Hx43zSTwp
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame BDE2
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=1871878972495600779
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=1871878972495600779
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:07 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=1871878972495600779
Date
Fri, 20 Aug 2021 13:47:07 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame BDE2
Redirect Chain
  • https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=90&3pid=fc02af13-8184-49ea-9866-a3462c4b968c&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=90&3pid=fc02af13-8184-49ea-9866-a3462c4b968c&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:07 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
server
nginx/1.12.1
location
https://ce.lijit.com/merge?pid=90&3pid=fc02af13-8184-49ea-9866-a3462c4b968c&gdpr=0&gdpr_consent=
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
merge
ce.lijit.com/ Frame BDE2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=ougeErcNHGor&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=ougeErcNHGor&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:07 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=ougeErcNHGor&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-84459f4bbf-g89tn
expires
-1
merge
ce.lijit.com/ Frame BDE2
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=KSKEPLSR-11-O3N&gdpr=0
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=KSKEPLSR-11-O3N&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:01 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=KSKEPLSR-11-O3N&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 28E3 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYu6SKrgEwAQ&v=APEucNWF1xvV0D344mL_YuQ--2NJBDsB_yJ1zPvw4-Tqz2iu_N2-RLG6g8WlmPBjwFU2D5CpxB2Xg6gugCxrne3e11O7E0rZEyL_JOIhqdlAC1nzwwcl_pw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 28E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&gdpr=0&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYu6SKrgEwAQ&v=APEucNWF1xvV0D344mL_YuQ--2NJBDsB_yJ1zPvw4-Tqz2iu_N2-RLG6g8WlmPBjwFU2D5CpxB2Xg6gugCxrne3e11O7E0rZEyL_JOIhqdlAC1nzwwcl_pw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:01 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&gdpr=0&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
319
Expires
Fri, 20 Aug 2021 13:47:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 28E3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR.yU3uZqQTsMy.dvaeS5gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYu6SKrgEwAQ&v=APEucNWF1xvV0D344mL_YuQ--2NJBDsB_yJ1zPvw4-Tqz2iu_N2-RLG6g8WlmPBjwFU2D5CpxB2Xg6gugCxrne3e11O7E0rZEyL_JOIhqdlAC1nzwwcl_pw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:01 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX9XHS9SZiJcOMMs5fAeCE&google_cver=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
324
Expires
Fri, 20 Aug 2021 13:47:01 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A489 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 20 Aug 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A489 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 21 Aug 2021 12:37:33 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A489 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Aug 2021 13:47:00 GMT
vF300x600_MBM_Editortemplate.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/ Frame A489 		27 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/vF300x600_MBM_Editortemplate.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3fb140917e4a19988c60805d43030dda3837d711aa9867b3f648c2961d75b25
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
291833
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16877
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 09:07:24 GMT
server
sffe
date
Tue, 17 Aug 2021 04:43:07 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 04:43:07 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame CB71 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkd3f2yAbr5bWxzG0ODghiW6iSX3zAF2v5kUpY_5fIGwUxM6y4lC9ZHreBToL0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 20 Aug 2021 13:16:33 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1827
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 349B 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 07:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Aug 2021 07:15:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/ Frame 349B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3Q5wX7GXNm6K6a2dIZj0ffjyIV02O0krvBwHVdOc-4X_AjBvZ3VNZIZeezJF-KP558ObxJR6-fWbQI4ssFRnvSfzO2KiDlTXgadnMv2ckjrB74YXSbAB7zn9SkQWClsq2dIy-6j-WTuZfBE5SX9no-7IeJw&dbm_d=AKAmf-DCTXS1ET5a1Oc1JEJB1hBI-XkMWotw9L2GTw72Mc-lV6cfV-WLen416L1gbju6I37-PaqPW9yp_z9e60x8wgBG1K2NeAd6MqCXzQo1t94kVtb7aF8VBwQiT0FI_pBtWqpBCjeSpWyL0UPclD5bc7s-2TWKL7QvzqOwTlzlkRQqYkqak-v2RlVQdgHlrq5uWhUudZBbOaITI-MS84295hdpTG7exXaqY3TNms8BySqsM98uyt_MiJ0yV7h-1Jw05cr6EsYwfZAeo62qP7jP6p76QHvYgAe76gprSmhBtocoNEpSzFcgTVAuEqoJ2rdgBiZwBgDCz2e66r9kx4Tr44h8Y8DebgRnChuedE1H5iGKsO6glIVbxOaqAYewrwK7gRy8dwLCDz9bMxNicvBETSj47LTeHgEjF5xZBv-oMDOt34tadBm5R0ZWqd_FSVX94ozYHX1FHcYQVsD-Jm0Pz8NWByERaZ0BFJw2htbbsz8NlEWgVzw0tG-XhOhBJf0fxcPc-zHSFE4gxSy700YdoCxIdSWwo6qiaeIlhPIxhHR8v4MMK_FSZnHdIxf_WE7ANsTKcopZyCqhHA2MPSOULuvdGP4OUEHKDYJeahmioM0U8Mbbc0CcxlcQy8-BVF3xLzQ8zietwVLunCWju3YKJ-o4aTcTY6-tIHaHCwoy1P_hKQgKZTQL8ioDjz4LO0vKdsVjj5OQczffHACPzGx2tHheh7JErUsYILep1ecBGmu3Fr45pqhWqLl9f7djI_Bs-EM5snYInGnTiX00wGXoyURNn3ZgLuidYDirGxd_3NjBgBtXY4Xmq7_LooFs4UvA9yE6pB24sl0lkLc2bWoqK0LgeRxiwzdLf3LepLHub67GnxvWyQm2n2XWdGX2JnsAxjHbIyb4urNKe2OokU59ZyAKacW4M64GvSCtE-7MJwAv0-ata0s5tpL_OfaCO0Bf76pNUGYvCDMHR2mt2mfO9i99MaC2FrbLEJCD8UixgbQ_myZCbsEJeDjDry1jwWi8aRI8_Q_rvMsEMA1QlEwXMFSRCgXqNu-qoPVqbePaGLoETLs3CcKQRFe3vUKGWokK0T6XrdnXGa9GBYQdx0yIlfeb6QHoOe8-nKqP_RcBjRGDX1Fcy4E9HFanetLT-TKMVULBWr2qK9TDb5TdWWA2ICI1hfgLxc-i_gLRzCJVk-8ntz66kBH8mFViZWqoIYQ56buL7qDAbKjUasmAQlg1GZ0dsmm_M1EpOhhYWORXy8x1v9smGg_X-L2d0LB5o8P_Dxl1-gkcFIDmHwDZF_PvxyPdxeiLg91wJAcj8fTeCOrKofclAeDXMCxrhOUlaC0vdmbJ4YUedoiMqqLH28nh-vaUs9JOLlEHUGfohap2uT9QoSPR90QDFQ9_j2l7S0e2eZ_adIoNqyHhra61TmFr62BtBQijYBbf00Bu25n0MyihD18F4B-CZDmeL2KnhDP8MIt5XrKOzCfhMkFzEC7WMWrbaTt-7wuL9nDwS6e_NYUmBDT8etPuJkzoM9nv13Q6dPauc2tW7Crxih6YytJKfo2lQZSvSSgKc_6WzLZFaQL8KhyYuimBFCkO24UDAhu7tHm-SnMh4I6e6vu5ryKiax4UQ4_l_bB_Au0rz1NcSP2t4fh4n7DLKvNPf5nItCAHzxOSJRumYJuu4VrHNEOMDzy8RCYz0HxjJmWM_NvwltftjFknEJhKyJ0YeiN28QOEpcweMOb-7e3MH_edDOt21y8nZDn-zQ24PZ3USpr1JwPxXJOH7_WpXRjNwlWZJGmPIacOwnagziZ7kVtMnYuWKwmhl2BAUT8Vas9nWAnwbW2011VR9vH-Z6w1BvmzWPX5Wi3QshGXIRFbY_J58FkljWk1DKejj_jH_lb9ZGv50MxH66H_YrpDBnW8EwtMbluCiaDgMXQthafsO1SZ6PhNWFw1XZdTaJItmFKcWkJrVz9xw8uQpQjdF66pGVFq1wPWwcJAxPeH5_mWmsKN0DiEAT6E5ro3dvaU-XQWKHh8IkG1f6DvOVfo58ZnxBwMgkc4IvRRi1ZoNwwdtt3RT2xPOOdzSvUyxCytGRj3Nibin1P1Ojfm8den7iUkdAxvvT0GtQhjfdugQxabDWHwjjnRJFpt05JLHKDJ6PDsdVOH1YL_JHlUv5rlvv12SIeBI2NN5Ica99wSRn9G_rMOK-km9tZvsyYTUybX1LL4apT2veaF19n1R3FbHYeig73XbW2jk-myBC52TQF0Sf47QNJt5qLoMfehPDpvLIla1GkPrNubXf_iPqNdZEp5afSUszUW4-2vFJm7Jpfu3cIxCf-89ljeVWEbOpPcEBk2tfmPRPfko8UOKMkv1LHGOmexSJt0rUAgVH7P11LgLqj3pS02UwyB3UPyNoHIRKPWd-IC8PCMIuY8cB-WJGkmlMDpk9bWmYVlGhLRBXAAZ-kwNpKZ5MNq_QV1Rg7AsyCNIHe6bHl6v73vskIi7OhmxoJ3D7R7OvxGf4LS3GHmmZTj7WNBxXofMjpcA1wXcdqaDmJXs9bcJurmVPBF2NCJVTJy5C9j5zgOaf_iIvwF5dllsdGv8wbfS4ziIV-hx1CuMbEcPl2UagiIQCDyKsmv3SyxT5FExyZ-1RrZLvzSBAD0Lrpq44OMWR_9aREBbJDFGOe8s7H5qqSySD4mWBEGtvLzw1J8nh3h1IHp99jArgr1cTB8b3016WzbpkK9-PtuNYDq_r-r43ia3lUj98tHwDtx5Z16DULfDlsAZWVCosxsVuRU8Sw4BvWjBQ738F1opal25t2l9IPDk1rp__MtROj_iGv9H3RD7mh_5K_1kbViNFGtqZXpJbTIFWh66X4eowgkE5D_47OyeQaJWi79qKAQabXrnPboUrYLMm2FcOQm3dD4pvFOv1Sl71WrRuVkggpckvuVw7bEaVt8xJUNyk4jQeFZqmwyvW0X-61WJrGF6zQXJGlkP3AmPJO2fQX9HqZV8j2LhehJRDrjMkogEhFSXVV1zut4IsVfKAjKp9C_Fea-YSodd_5eyHDTS1uORN83deC7cDJ-ulRuU8bKcqi-3zGxV6bwyU-9p9gOZws-ud8GLYC_qGRnbiffGozJAMDlxaVyN9tu50zDXzG-s9WrXWX7Wbjk6ZXbgdQeJApgK50mHP1oJHiXp4CwZn_Ia2lrziRIRFtQQ9s&cid=CAASFeRozSgIm7vDpkhklTN7yVGDPJtwsg&rfl=1%2Chttps%253A%252F%252Fwww.yourmoneymagic.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:45:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 13:45:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 349B 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3Q5wX7GXNm6K6a2dIZj0ffjyIV02O0krvBwHVdOc-4X_AjBvZ3VNZIZeezJF-KP558ObxJR6-fWbQI4ssFRnvSfzO2KiDlTXgadnMv2ckjrB74YXSbAB7zn9SkQWClsq2dIy-6j-WTuZfBE5SX9no-7IeJw&dbm_d=AKAmf-DCTXS1ET5a1Oc1JEJB1hBI-XkMWotw9L2GTw72Mc-lV6cfV-WLen416L1gbju6I37-PaqPW9yp_z9e60x8wgBG1K2NeAd6MqCXzQo1t94kVtb7aF8VBwQiT0FI_pBtWqpBCjeSpWyL0UPclD5bc7s-2TWKL7QvzqOwTlzlkRQqYkqak-v2RlVQdgHlrq5uWhUudZBbOaITI-MS84295hdpTG7exXaqY3TNms8BySqsM98uyt_MiJ0yV7h-1Jw05cr6EsYwfZAeo62qP7jP6p76QHvYgAe76gprSmhBtocoNEpSzFcgTVAuEqoJ2rdgBiZwBgDCz2e66r9kx4Tr44h8Y8DebgRnChuedE1H5iGKsO6glIVbxOaqAYewrwK7gRy8dwLCDz9bMxNicvBETSj47LTeHgEjF5xZBv-oMDOt34tadBm5R0ZWqd_FSVX94ozYHX1FHcYQVsD-Jm0Pz8NWByERaZ0BFJw2htbbsz8NlEWgVzw0tG-XhOhBJf0fxcPc-zHSFE4gxSy700YdoCxIdSWwo6qiaeIlhPIxhHR8v4MMK_FSZnHdIxf_WE7ANsTKcopZyCqhHA2MPSOULuvdGP4OUEHKDYJeahmioM0U8Mbbc0CcxlcQy8-BVF3xLzQ8zietwVLunCWju3YKJ-o4aTcTY6-tIHaHCwoy1P_hKQgKZTQL8ioDjz4LO0vKdsVjj5OQczffHACPzGx2tHheh7JErUsYILep1ecBGmu3Fr45pqhWqLl9f7djI_Bs-EM5snYInGnTiX00wGXoyURNn3ZgLuidYDirGxd_3NjBgBtXY4Xmq7_LooFs4UvA9yE6pB24sl0lkLc2bWoqK0LgeRxiwzdLf3LepLHub67GnxvWyQm2n2XWdGX2JnsAxjHbIyb4urNKe2OokU59ZyAKacW4M64GvSCtE-7MJwAv0-ata0s5tpL_OfaCO0Bf76pNUGYvCDMHR2mt2mfO9i99MaC2FrbLEJCD8UixgbQ_myZCbsEJeDjDry1jwWi8aRI8_Q_rvMsEMA1QlEwXMFSRCgXqNu-qoPVqbePaGLoETLs3CcKQRFe3vUKGWokK0T6XrdnXGa9GBYQdx0yIlfeb6QHoOe8-nKqP_RcBjRGDX1Fcy4E9HFanetLT-TKMVULBWr2qK9TDb5TdWWA2ICI1hfgLxc-i_gLRzCJVk-8ntz66kBH8mFViZWqoIYQ56buL7qDAbKjUasmAQlg1GZ0dsmm_M1EpOhhYWORXy8x1v9smGg_X-L2d0LB5o8P_Dxl1-gkcFIDmHwDZF_PvxyPdxeiLg91wJAcj8fTeCOrKofclAeDXMCxrhOUlaC0vdmbJ4YUedoiMqqLH28nh-vaUs9JOLlEHUGfohap2uT9QoSPR90QDFQ9_j2l7S0e2eZ_adIoNqyHhra61TmFr62BtBQijYBbf00Bu25n0MyihD18F4B-CZDmeL2KnhDP8MIt5XrKOzCfhMkFzEC7WMWrbaTt-7wuL9nDwS6e_NYUmBDT8etPuJkzoM9nv13Q6dPauc2tW7Crxih6YytJKfo2lQZSvSSgKc_6WzLZFaQL8KhyYuimBFCkO24UDAhu7tHm-SnMh4I6e6vu5ryKiax4UQ4_l_bB_Au0rz1NcSP2t4fh4n7DLKvNPf5nItCAHzxOSJRumYJuu4VrHNEOMDzy8RCYz0HxjJmWM_NvwltftjFknEJhKyJ0YeiN28QOEpcweMOb-7e3MH_edDOt21y8nZDn-zQ24PZ3USpr1JwPxXJOH7_WpXRjNwlWZJGmPIacOwnagziZ7kVtMnYuWKwmhl2BAUT8Vas9nWAnwbW2011VR9vH-Z6w1BvmzWPX5Wi3QshGXIRFbY_J58FkljWk1DKejj_jH_lb9ZGv50MxH66H_YrpDBnW8EwtMbluCiaDgMXQthafsO1SZ6PhNWFw1XZdTaJItmFKcWkJrVz9xw8uQpQjdF66pGVFq1wPWwcJAxPeH5_mWmsKN0DiEAT6E5ro3dvaU-XQWKHh8IkG1f6DvOVfo58ZnxBwMgkc4IvRRi1ZoNwwdtt3RT2xPOOdzSvUyxCytGRj3Nibin1P1Ojfm8den7iUkdAxvvT0GtQhjfdugQxabDWHwjjnRJFpt05JLHKDJ6PDsdVOH1YL_JHlUv5rlvv12SIeBI2NN5Ica99wSRn9G_rMOK-km9tZvsyYTUybX1LL4apT2veaF19n1R3FbHYeig73XbW2jk-myBC52TQF0Sf47QNJt5qLoMfehPDpvLIla1GkPrNubXf_iPqNdZEp5afSUszUW4-2vFJm7Jpfu3cIxCf-89ljeVWEbOpPcEBk2tfmPRPfko8UOKMkv1LHGOmexSJt0rUAgVH7P11LgLqj3pS02UwyB3UPyNoHIRKPWd-IC8PCMIuY8cB-WJGkmlMDpk9bWmYVlGhLRBXAAZ-kwNpKZ5MNq_QV1Rg7AsyCNIHe6bHl6v73vskIi7OhmxoJ3D7R7OvxGf4LS3GHmmZTj7WNBxXofMjpcA1wXcdqaDmJXs9bcJurmVPBF2NCJVTJy5C9j5zgOaf_iIvwF5dllsdGv8wbfS4ziIV-hx1CuMbEcPl2UagiIQCDyKsmv3SyxT5FExyZ-1RrZLvzSBAD0Lrpq44OMWR_9aREBbJDFGOe8s7H5qqSySD4mWBEGtvLzw1J8nh3h1IHp99jArgr1cTB8b3016WzbpkK9-PtuNYDq_r-r43ia3lUj98tHwDtx5Z16DULfDlsAZWVCosxsVuRU8Sw4BvWjBQ738F1opal25t2l9IPDk1rp__MtROj_iGv9H3RD7mh_5K_1kbViNFGtqZXpJbTIFWh66X4eowgkE5D_47OyeQaJWi79qKAQabXrnPboUrYLMm2FcOQm3dD4pvFOv1Sl71WrRuVkggpckvuVw7bEaVt8xJUNyk4jQeFZqmwyvW0X-61WJrGF6zQXJGlkP3AmPJO2fQX9HqZV8j2LhehJRDrjMkogEhFSXVV1zut4IsVfKAjKp9C_Fea-YSodd_5eyHDTS1uORN83deC7cDJ-ulRuU8bKcqi-3zGxV6bwyU-9p9gOZws-ud8GLYC_qGRnbiffGozJAMDlxaVyN9tu50zDXzG-s9WrXWX7Wbjk6ZXbgdQeJApgK50mHP1oJHiXp4CwZn_Ia2lrziRIRFtQQ9s&cid=CAASFeRozSgIm7vDpkhklTN7yVGDPJtwsg&rfl=1%2Chttps%253A%252F%252Fwww.yourmoneymagic.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:43:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Sep 2021 13:43:46 GMT
truncated
/ Frame C9F8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeaeb3a84a897619e4d725b6483171bc97474df901342a2350a4c7d1a5a5555c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cube.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/ Frame A489 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/cube.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f035ed43c4fdc98696fa608b233927c91f4ccdf036719ee5b186d7074e175d0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
112136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22897
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 09:07:24 GMT
server
sffe
date
Thu, 19 Aug 2021 06:38:04 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Aug 2022 06:38:04 GMT
index.html
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/ Frame 26CB 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c28df97cbdf3b633b4cdd09616091087a08ce583709edb1788f0109ce4200f4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1438
date
Fri, 20 Aug 2021 12:08:31 GMT
expires
Sat, 21 Aug 2021 12:08:31 GMT
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
5909
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 349B 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstN5Ulwb1GwRwZuwyWSQJke3wQnfkUhuH5muBwg2ID5_9QfCxl5NvROxNnfuc8eTF8r4EbLYZCp59541CywY9ixFxMDTPkF00RupsCo10uk3ZG2duXw7MZBZscFI2ZTCO1dms1953cBbHU16GBTwo5rHIiXmNYOfANT0w_KZD1nFVOwH1lyN2qzA5k1of4OHhb-I2JxgIXtZs_rhXE5_w_shBbyptWoFuDcW8ilkDIJ8--bc1Hf-lAF32PiQAxLaH4ekdL4-tMj6HYV9sie1tQzj0kevXLIOVrLiJID-kvouSWJC0NjKjgBuwW4oWG0R7eOqpSJDTMahP7OngAfVvBEXU7P-fk4KImGrS4Pd2E2Y_qyH5OJ_7lqkTgJUelJ0UeaECJDrgw64jzghIvU59z37P5v-Y1Z6G7BBVflUGMXKPVyIMB_hYvKP0K9RbC-HUkYaXRi9T93rYbWNvspS70OYJm-ATPvYIc-omiByQtI1KZ8D7_P221Yg6e7xaVYL9iQYCMjfddyLl1uHbSU1QS51RbS68F47N1n7NOKc4d9K8IhIypTLUYxCFy6QnBCLh4S5WUqWZPgfITMiXRvc_TYqWr0IwoJ_UKCC3HaBK8lRKr0-NQRBXro3wStojZZgczOvd6vaAcU-7d9HMBo01uinxWSzAURwO8EM6Fn_cK9rUN4KLSSWXTgnOeq87ejYrP3XpUIBNR_i8K-r2Jn71C4cg2JDBFVrTgVnNAJq33eXXIRnCiYttjM25gOFRvoaZ8XQ40J1sfLa5jeTZEPh8I2sDY8zgcii28xnzJwDA3Ia9eon6VCTXQ203LN37M1n7lB0C3gnJdmNERbinIh8ZCBH3AHgGEpwpaIxt8GcEc34lJWjGjzKTPzOruW0aG9UspWLfm3Grhsbv3OARZEGDAn20yCIdzh8mbIPJeXq0qhRlW2w2u8JE8LA0OVrtcGtl3Ss7RMu-iPFs_j689gPCvJInrdZx6pAsI4uO0rUToCctPxPnw0cs7kVp6w1aPd1cop2TUC7v6_VOvMlU9RMwpik3bi54DGbbJ4Nky3ZwocLXJmetefqecvsfjvmRk7lVeVyYfIM7wLT_kI_YTlviYTZR0u3D6XYoVcxkgGuB00FZkdGxNkAO79rlKcC6_E4svBEHJLTz0jdMBsw_LoRZzqOlNajl-_dI5u&sai=AMfl-YTKynfsB24gBejac_eb_AeOM_wxt7wei6jpudUqXzjCQPD9FvDZ_TP-cIft8qQNTnOQakTvCmVcTTuCXOVSBmetJJpXliY-bOkmq8nJLe8poo_422xyC4Ut7VAE586Uo2LXMPlklfTu0s8z3dB7V0dNCkpRJB9cVShoPZQ&sig=Cg0ArKJSzBv85yOMSEn2EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=152&cbvp=1&cstd=149&cisv=r20210816.30389&adurl=
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 20 Aug 2021 13:47:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tp2
trk.decido.io/com.snowplowanalytics.snowplow/ 		2 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trk.decido.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.123.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
0.123.95.34.bc.googleusercontent.com
Software
akka-http/10.0.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 20 Aug 2021 13:47:00 GMT
via
1.1 google
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.yourmoneymagic.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
tp2
trk.decido.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trk.decido.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Server
34.95.123.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
0.123.95.34.bc.googleusercontent.com
Software
akka-http/10.0.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.yourmoneymagic.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.yourmoneymagic.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
server
akka-http/10.0.9
date
Fri, 20 Aug 2021 13:47:00 GMT
content-length
0
via
1.1 google
alt-svc
clear
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 349B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 11:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Aug 2022 11:09:34 GMT
truncated
/ Frame 349B 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1e929078ebd279e198de1cdebbd2bd57b87ea526afcfeb2b424b2fe95d80296

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
tapete.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/ Frame A489 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/tapete.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13747390349531621716/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b268c6fd2100dc49d7adf67a529e13de334ba689e5a362f10950f840d7a4e65
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
314107
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12721
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 09:07:24 GMT
server
sffe
date
Mon, 16 Aug 2021 22:31:53 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 22:31:53 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CB71
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkd3f2yAbr5bWxzG0ODghiW6iSX3zAF2v5kUpY_5fIGwUxM6y4lC9ZHreBToL0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 13:47:00 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 20-Aug-2021 14:47:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Aug 2021 13:47:00 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 20 Aug 2021 13:47:00 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4E99 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 20 Aug 2021 11:09:34 GMT
expires
Sat, 20 Aug 2022 11:09:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9446
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
style.css
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/ Frame 26CB 		1 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebbf3a903c50ba2ddaf6c9959a5a371485a5eea7f36e4c96168f48b25c1fa9a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 12:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5909
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
515
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 21 Aug 2021 12:08:31 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/ Frame 26CB 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1073180
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
32828
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1b8f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wupKW8zCMHTfzgeFrcQb6gpypslI8AJK%2Bq%2Fcyq4GrTI191qytw0tJeqGeHEhaSTm2%2BvW8zvVgDwCT90x%2BBhBlGAnZjv7MeYmW%2BqfoWuqmJBeHnzz6WivVuAHjzcOLH%2B%2FXGj36uoNxR2%2BAE6pd8SgH8nF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
681c122eaab14ee6-FRA
expires
Wed, 10 Aug 2022 13:47:00 GMT
zepto.min.js
cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/ Frame 26CB 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/zepto.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
916242
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:18:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04043-6233"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYwU1czHTbR3%2F7EVZiN7PIY1HJ%2B8fEVfVMri74SL3xSAx33eEk1zDj2bCvMd09EzjxB%2F6ojYIvHyOkjeIwxy3eWiAIqGAUH%2BPPX5fuyhJq5xITw6bnCtKGdURFmDfMBnhhYwenok7n0%2FWR%2Bn2sKjZ%2Ftb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
681c122eaab34ee6-FRA
expires
Wed, 10 Aug 2022 13:47:00 GMT
main.js
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/ Frame 26CB 		1 KB
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8222a809127ce20f5200964cdc7f58c4fc9b386f0cb0591df90a4f10ff6e2011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 12:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5909
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
523
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 21 Aug 2021 12:08:31 GMT
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame 4E99 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 11:54:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
6775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 11:54:05 GMT
hero.jpg
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame 26CB 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/hero.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f256d12de75913a1c9f9d402e145dfde8cdf1d8b219d28c7c2fb82aa189e46e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:03:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
20607
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50369
x-xss-protection
0
expires
Sat, 21 Aug 2021 08:03:33 GMT
outline_a.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame 26CB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/outline_a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88ca13a1824d18666d986dceab4109c1049526a881b6d720e5a5e643f62ddb3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 16:03:49 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
78191
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2923
x-xss-protection
0
expires
Fri, 20 Aug 2021 16:03:49 GMT
outline_b.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame 26CB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/outline_b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2a0913e005539dec873be4241fec4fb354e263c44cc5277be0e6dd6bf98ec86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:45:03 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
10917
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2906
x-xss-protection
0
expires
Sat, 21 Aug 2021 10:45:03 GMT
logo.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame 26CB 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4187ccd35c686f7ee17981362e555d34ecc96f835790ffd0d18bc9383f642f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:03:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
20607
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5951
x-xss-protection
0
expires
Sat, 21 Aug 2021 08:03:33 GMT
copy_f1_a.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame 26CB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/copy_f1_a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfa80a0f28b948ff235be2e348a251844306bd8b9e2fc73b563774a997596be8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 10:45:03 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
10917
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8423
x-xss-protection
0
expires
Sat, 21 Aug 2021 10:45:03 GMT
copy_f1_b.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame 26CB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/copy_f1_b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e2ffd4b4a9a876c813d8482f3d9f5ea545a4b8eaa65bfa4593ebffc27ba10ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:03:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
20607
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2988
x-xss-protection
0
expires
Sat, 21 Aug 2021 08:03:33 GMT
cta.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame 26CB 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d33fc9d897a6cb58f1f0d9cc394e70adbb8a1fa6064fa246d6d913047583330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:03:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
20607
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4036
x-xss-protection
0
expires
Sat, 21 Aug 2021 08:03:33 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 349B 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstN5Ulwb1GwRwZuwyWSQJke3wQnfkUhuH5muBwg2ID5_9QfCxl5NvROxNnfuc8eTF8r4EbLYZCp59541CywY9ixFxMDTPkF00RupsCo10uk3ZG2duXw7MZBZscFI2ZTCO1dms1953cBbHU16GBTwo5rHIiXmNYOfANT0w_KZD1nFVOwH1lyN2qzA5k1of4OHhb-I2JxgIXtZs_rhXE5_w_shBbyptWoFuDcW8ilkDIJ8--bc1Hf-lAF32PiQAxLaH4ekdL4-tMj6HYV9sie1tQzj0kevXLIOVrLiJID-kvouSWJC0NjKjgBuwW4oWG0R7eOqpSJDTMahP7OngAfVvBEXU7P-fk4KImGrS4Pd2E2Y_qyH5OJ_7lqkTgJUelJ0UeaECJDrgw64jzghIvU59z37P5v-Y1Z6G7BBVflUGMXKPVyIMB_hYvKP0K9RbC-HUkYaXRi9T93rYbWNvspS70OYJm-ATPvYIc-omiByQtI1KZ8D7_P221Yg6e7xaVYL9iQYCMjfddyLl1uHbSU1QS51RbS68F47N1n7NOKc4d9K8IhIypTLUYxCFy6QnBCLh4S5WUqWZPgfITMiXRvc_TYqWr0IwoJ_UKCC3HaBK8lRKr0-NQRBXro3wStojZZgczOvd6vaAcU-7d9HMBo01uinxWSzAURwO8EM6Fn_cK9rUN4KLSSWXTgnOeq87ejYrP3XpUIBNR_i8K-r2Jn71C4cg2JDBFVrTgVnNAJq33eXXIRnCiYttjM25gOFRvoaZ8XQ40J1sfLa5jeTZEPh8I2sDY8zgcii28xnzJwDA3Ia9eon6VCTXQ203LN37M1n7lB0C3gnJdmNERbinIh8ZCBH3AHgGEpwpaIxt8GcEc34lJWjGjzKTPzOruW0aG9UspWLfm3Grhsbv3OARZEGDAn20yCIdzh8mbIPJeXq0qhRlW2w2u8JE8LA0OVrtcGtl3Ss7RMu-iPFs_j689gPCvJInrdZx6pAsI4uO0rUToCctPxPnw0cs7kVp6w1aPd1cop2TUC7v6_VOvMlU9RMwpik3bi54DGbbJ4Nky3ZwocLXJmetefqecvsfjvmRk7lVeVyYfIM7wLT_kI_YTlviYTZR0u3D6XYoVcxkgGuB00FZkdGxNkAO79rlKcC6_E4svBEHJLTz0jdMBsw_LoRZzqOlNajl-_dI5u&sai=AMfl-YTKynfsB24gBejac_eb_AeOM_wxt7wei6jpudUqXzjCQPD9FvDZ_TP-cIft8qQNTnOQakTvCmVcTTuCXOVSBmetJJpXliY-bOkmq8nJLe8poo_422xyC4Ut7VAE586Uo2LXMPlklfTu0s8z3dB7V0dNCkpRJB9cVShoPZQ&sig=Cg0ArKJSzBv85yOMSEn2EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=285&vt=11&dtpt=133&dett=3&cstd=149&cisv=r20210816.30389&adurl=
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 13:47:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame A489 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea40e2a92c634c790504307f6a6003da437e1fdc0f7cad0eebd5c7eefe733cb4

Request headers

Origin
null
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/octet-stream
usync.js
eus.rubiconproject.com/ Frame 00AD 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1888f4d2672705b551cc864ad14ad5f4f2b1d0813fb3778eb092fd0340410043

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 13:47:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16183
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Fri, 20 Aug 2021 18:16:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E99 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEcpeU7IfYfilOtGU9u8P95Kx-A0AAAAAOAHgBAI&bg=!1tWl1ZHNAAZvV8FTb1c7ACkAdvg8WiqUqk4ANc9joL7g_bvGDA82fwsgxCRdUyQ0Nd3MlhAsu9CkpAIAAAC6UgAAAA1oAQcKAH01ouyTddt9HgFMJnAIhUn0UyhXcqA3tZcFVgvtK31BhKNHo64qfLrJsJWU4Yn5Z_FY0aCXJihBzfp1zJDVYByGYS5cjttAdbNa0Vm4ine5az7P9bu8byI2_TZ7jbqekjnUgr3YXkffGT8bDfKIk-aR01Q5Uib3P-f78qwW_pkCy2SklDFahklxGMiL_woypIpEpvYf_J_WYKJPskfEjFkfK3Ngc-KMGopF-WRmE1LKiZjdgRfsWN1YIhGoWuuf9n94VIbjyVFaNRcRbVBWyfecDbnZ0W5ckGtg2ZnAOokE_os7gGGFo6uc03ep2dLCqtMsJAI2bDORmcECPVKAvV2c-NxXeSql1_VAFkd8G64KGhl_p1SeBfRy0LuSj8DF42N7CItq2pq33TpmZCGWT6w-uxK9jtjZqqK8_aBYk2cFY-RFph6UFywPMRT9J-YJNK1Z-OnPuIg3FMw97PTtReH_IsnMBxOig00N0g-jnRFBx2eKJIihomZSWtrgehn8fMMuZlkaSY0vqaBWOkWFXhEJ0ouIbHdnLecXnFvww1dc6Lqh9QguR4OXJnYm9d1bqw9ufvJ0rsLbYytj7g3RCNSVO0TQS5r-R56UgC8D2wGTq3jYJRetJvaDpyVqrPDU8M52qau9qwIsvlwUfUVR_SL6njBs6wkzUqMhaWmUSIiPIZkplsEpiXVZIQ9pbvUSRySurKL-AJXJXvXvJs2TW1D7Sj2H7sWbsa3Kd87YNW4i2y18HOJVYqAZeAC7H0sYjVs1zdoxHwZ2-y9nXKMk3zGbX6oEqj5l72OMnzlrdkHdPLWcIZ4VNBBI1HwCdedcC4qfys4UGg40AZTFN96pTmqs8_uumj5bxt-CBKuvRcsYNi5tBNsOi2o9NzCT9nriPq5rGhX8eUjiZw7kS2_ShVQgxNmKbJMlLmRJ1Fa6QvxdI2651rDD1p95Od1BFb9XUO-yNo2Obj1K9_Twbjc4bNzGKZw0c6I07s9-4TYQDJ_XVn4Imf64SCn17TZcwBuGGk69YBfVSZ0NVC0s9CP4t0xFKhMOuhpd49uVROjsU4VuWMhwtDXMd3k_bLCtSWfJxrUVSjd6nKAvFteNaZKUiAPBA43O4CCdOCj1eEk
Requested by
Host: b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
URL: https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 00AD 		284 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
activeview
pagead2.googlesyndication.com/pcs/ Frame 349B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWi9_pgnNceOpte1IgH-Q1yI-aqbJlz0dOjBk8T6ObukY21uQhGs2gg0WiKCMkoW9j5yZKYdwXHh7X90aKXIicfRyGd4zGD8tIslnX70unVYl4c7VlQR-tNfw&sai=AMfl-YTu_YZNBTVQAQWCfCdRbP0BPiOsYl7HOptn_G5Fk5PPFCWYsUjg0NmOjvM7c77ZeVtbpbaxxantLMsJiaBhxx4RTvYn3ZCsGZgcRONpKMj9uVzGZcTyZJKH3060ddc&sig=Cg0ArKJSzLMC_ER258zzEAE&cid=CAASFeRozSgIm7vDpkhklTN7yVGDPJtwsg&id=lidar2&mcvt=1000&p=128,1130,378,1430&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2066978376&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 00AD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---
  • https://rtb.gumgum.com/usersync?b=mag&i=KSKEPMQM-B-6VUK&us_privacy=1---
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=mag&i=KSKEPMQM-B-6VUK&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=mag&i=KSKEPMQM-B-6VUK&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 00AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOZb7pSw4Xdt1CdhWfk7iko&google_cver=1
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOZb7pSw4Xdt1CdhWfk7iko&google_cver=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOZb7pSw4Xdt1CdhWfk7iko&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
btu4jd3a
sync-tm.everesttech.net/ct/upi/pid/ Frame 00AD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YR_yVQAD8ZeFIgA4
85 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YR_yVQAD8ZeFIgA4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2235
x-served-by
cache-fra19175-FRA
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1629467222.649548,VS0,VE0
content-length
85
x-cache-hits
5723

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1629467222.526232,VS0,VE93
x-served-by
cache-fra19175-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YR_yVQAD8ZeFIgA4
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame 00AD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
709414.gif
id.rlcdn.com/ Frame 00AD 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:01 GMT
via
1.1 google
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 00AD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWUzYzNjODc2MjJkN2ZkNGJhNDAyYWY1YTk5N2YzMzQyZWU5NjM0Mw&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWUzYzNjODc2MjJkN2ZkNGJhNDAyYWY1YTk5N2YzMzQyZWU5NjM0Mw&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWUzYzNjODc2MjJkN2ZkNGJhNDAyYWY1YTk5N2YzMzQyZWU5NjM0Mw&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 00AD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSKEPMQM-B-6VUK&sigv=1&esig=2~3ed7bb743b82de4727fd4ad27aeb7e48eb7f4f22&us_privacy=1---
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSKEPMQM-B-6VUK&sigv=1&esig=2~3ed7bb743b82de4727fd4ad27aeb7e48eb7f4f22&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:01 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSKEPMQM-B-6VUK&sigv=1&esig=2~3ed7bb743b82de4727fd4ad27aeb7e48eb7f4f22&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 00AD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5rU2gB8Gm8lCS1mq9nv0pQ?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5762065402411680127
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5762065402411680127
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Fri, 20 Aug 2021 13:47:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5762065402411680127
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 00AD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NLRVBNUU0tQi02VlVL&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NLRVBNUU0tQi02VlVL&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NLRVBNUU0tQi02VlVL&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
eb2.3lift.com/ Frame D298
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1---&
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
60d33689aa7a42cabfbc589c910f97f86cfd2d5f70384dbba08f495bae9911d2

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1---&&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yourmoneymagic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=4406385888436902672
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourmoneymagic.com/

Response headers

date
Fri, 20 Aug 2021 13:47:02 GMT
content-type
text/html; charset=utf-8
content-length
478
set-cookie
sync=CgoIgQIQ0sLCnrYvCgoIkQIQ0sLCnrYvCgoI4gEQ0sLCnrYvCgoIkgIQ0sLCnrYvCgoI5gEQ0sLCnrYvCgoIhwIQ0sLCnrYvCgkIOhDSwsKeti8KCQgLENLCwp62LwoJCF8Q0sLCnrYvCgkIHxDSwsKeti8=; Max-Age=7776000; Expires=Thu, 18 Nov 2021 13:47:02 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=4406385888436902672; Max-Age=7776000; Expires=Thu, 18 Nov 2021 13:47:02 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Fri, 20 Aug 2021 13:47:02 GMT
content-length
0
set-cookie
tluid=4406385888436902672; Max-Age=7776000; Expires=Thu, 18 Nov 2021 13:47:02 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?us_privacy=1---&&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
eu-u.openx.net/w/1.0/ Frame 9CD9 		668 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=019c11f1-5f69-4a3d-b69c-d109e52bbae8&gdpr=0&us_privacy=1---
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e44a3085560d0919748f39b3f9cc44bd139e1702c4a4b76c7f2205497232169

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=019c11f1-5f69-4a3d-b69c-d109e52bbae8&gdpr=0&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yourmoneymagic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6ddbca5d-e516-4f6c-a5fe-f0c250202e9e|1629467221
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourmoneymagic.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=6ddbca5d-e516-4f6c-a5fe-f0c250202e9e|1629467221; Version=1; Expires=Sat, 20-Aug-2022 13:47:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629467222|gekin0vNiygu; Version=1; Expires=Sat, 04-Sep-2021 13:47:02 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 20 Aug 2021 13:47:02 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame C80C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.yourmoneymagic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourmoneymagic.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 20 Aug 2021 13:47:02 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6AA0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/ymm-pbjs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.yourmoneymagic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourmoneymagic.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 20 Aug 2021 13:47:02 GMT
Age
32511
X-Served-By
cache-lga21936-LGA, cache-fra19178-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 250630
X-Timer
S1629467222.378630,VS0,VE0
Vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=ecb857ac-eb21-4450-a91f-17f6b60e2094
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=ecb857ac-eb21-4450-a91f-17f6b60e2094
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ca890a1d-e866-4703-bed1-42f0453b24c5&ssp=themediagrid
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ca890a1d-e866-4703-bed1-42f0453b24c5&ssp=themediagrid
Requested by
Host: www.yourmoneymagic.com
URL: https://www.yourmoneymagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.101.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-101-201.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
//x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ca890a1d-e866-4703-bed1-42f0453b24c5&ssp=themediagrid
Date
Fri, 20 Aug 2021 13:47:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 9CD9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8cf3611f-b256-4f00-acad-3742c242bf7f
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8cf3611f-b256-4f00-acad-3742c242bf7f
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=019c11f1-5f69-4a3d-b69c-d109e52bbae8&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 20 Aug 2021 13:49:43 GMT
Server
MT3 3853 9552a83 master cdg-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8cf3611f-b256-4f00-acad-3742c242bf7f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 20 Aug 2021 13:49:42 GMT
sd
us-u.openx.net/w/1.0/ Frame 9CD9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qaffYv2k2zKyo400_KPDNqivjDCyotg8rve1XdZa
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qaffYv2k2zKyo400_KPDNqivjDCyotg8rve1XdZa
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=019c11f1-5f69-4a3d-b69c-d109e52bbae8&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qaffYv2k2zKyo400_KPDNqivjDCyotg8rve1XdZa
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9CD9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8232637830751059744
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8232637830751059744
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=019c11f1-5f69-4a3d-b69c-d109e52bbae8&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8232637830751059744
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 9CD9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=be77f504-4c91-709b-ff28-382a34071d63&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=019c11f1-5f69-4a3d-b69c-d109e52bbae8&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9CD9 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTIxODI2Y2UtODVlNi0yZTNmLWVhYzgtNjI5M2ZlZTVkMzAz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=019c11f1-5f69-4a3d-b69c-d109e52bbae8&gdpr=0&us_privacy=1---
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9CD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP7jqto3HtwOtS4O_ED6dZA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP7jqto3HtwOtS4O_ED6dZA&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=019c11f1-5f69-4a3d-b69c-d109e52bbae8&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP7jqto3HtwOtS4O_ED6dZA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame D298 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame D298
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA5cILaVY-29D3SsVTTZSl8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA5cILaVY-29D3SsVTTZSl8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA5cILaVY-29D3SsVTTZSl8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D298
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQwNjM4NTg4ODQzNjkwMjY3Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQwNjM4NTg4ODQzNjkwMjY3Mg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQwNjM4NTg4ODQzNjkwMjY3Mg%3D%3D
date
Fri, 20 Aug 2021 13:47:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame D298 		42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4406385888436902672&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
etag
"9d284f105d6fd71:0"
last-modified
Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref
Ref A: C8471AA98D33409D8B71823EE3A64FD1 Ref B: FRAEDGE1206 Ref C: 2021-08-20T13:47:02Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame D298
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4406385888436902672?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-vJhnuqJE2oS5tQLYRuVJp8RNLsWsUGPpny33DWT9SQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-vJhnuqJE2oS5tQLYRuVJp8RNLsWsUGPpny33DWT9SQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 20 Aug 2021 13:47:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-vJhnuqJE2oS5tQLYRuVJp8RNLsWsUGPpny33DWT9SQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D298
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8607140450650277681&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=8607140450650277681&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8b9e6af3-6edc-4157-b0ac-93d87c669db8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=8607140450650277681&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame D298
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4406385888436902672
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4406385888436902672&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4406385888436902672&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WDBZ72N3A7PG15AYFTN9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4406385888436902672&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D298
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame D298 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=4406385888436902672
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame D298 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=4406385888436902672
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bounce
ib.adnxs.com/ Frame 6AA0
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
806 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1648ed84-f084-4bbb-b458-92f6197a0801
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
90bb090e-e25b-4dd8-9384-ef1269ff0a29
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5568 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
523537fe029a45ca2c6740638d480b07f1e713d90c50f30d11ae856cc9fc92af

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3204; CMST=YR+yVWEfslUA; CMRUM3=2d611fb2552760CAESECX9XHS9SZiJcOMMs5fAeCE; CMID=YR.yVQEHXo4bsaBKXWN-NAAA; CMPRO=1204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|46|4|51|152|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1495
Expires
Fri, 20 Aug 2021 13:47:02 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
Connection
keep-alive
Set-Cookie
CMID=YR.yVQEHXo4bsaBKXWN-NAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 20 Aug 2022 13:47:02 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Nov 2021 13:47:02 GMT CMPRO=1204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Nov 2021 13:47:02 GMT CMST=YR+yVWEfslYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 21 Aug 2021 13:47:02 GMT CMRUM3=2d611fb2552760CAESECX9XHS9SZiJcOMMs5fAeCE&04611fb25605a0&29611fb25605a0&33611fb25605a0&2e611fb25605a0&f1611fb25605a0&27611fb2560b40&98611fb25605a00&e6611fb2562760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 20 Aug 2022 13:47:02 GMT
dcm
s.amazon-adsystem.com/ Frame 5568
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR-yVQEHXo4bsaBKXWN_NAAABLQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR-yVQEHXo4bsaBKXWN_NAAABLQAAAIB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR-yVQEHXo4bsaBKXWN_NAAABLQAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
W5BGE6TJMJBYSRDF4VEQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BN2T9PWDEJHJXFPP0JD1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR-yVQEHXo4bsaBKXWN_NAAABLQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5568
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YR-yVQEHXo4bsaBKXWN_NAAABLQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEItFXWlT1FC9YzeSA9XqxXo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEItFXWlT1FC9YzeSA9XqxXo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:02 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEItFXWlT1FC9YzeSA9XqxXo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5568 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YR.yVQEHXo4bsaBKXWN-NAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 5568
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8607140450650277681
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8607140450650277681
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:05 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:05 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
68f99727-e293-4488-9eec-417bc6af6689
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8607140450650277681
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5568
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4222550547953610340
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4222550547953610340
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:02 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4222550547953610340
pragma
no-cache
date
Fri, 20 Aug 2021 13:47:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum.casalemedia.com/ Frame 5568
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=ecb857ac-eb21-4450-a91f-17f6b60e2094&gdpr=&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=ecb857ac-eb21-4450-a91f-17f6b60e2094&av_tc=True
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=f3298a45-03ca-4ba1-876e-80370a3c5119&expires=2&ssp=index&bsw_param=ecb857ac-eb21-4450-a91f-17f6b60e2094
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=ecb857ac-eb21-4450-a91f-17f6b60e2094
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=ecb857ac-eb21-4450-a91f-17f6b60e2094
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:03 GMT

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=ecb857ac-eb21-4450-a91f-17f6b60e2094
date
Fri, 20 Aug 2021 13:47:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 5568
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ed8084a2-1ef5-4eb6-83f6-0c4f49535e39
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ed8084a2-1ef5-4eb6-83f6-0c4f49535e39
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 13:47:03 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:03 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ed8084a2-1ef5-4eb6-83f6-0c4f49535e39
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
bridge
cm.adgrx.com/ Frame 5568 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:03 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5568 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YR.yVQEHXo4bsaBKXWN-NAAA%261204
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.yourmoneymagic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 13:47:02 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1177
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Aug 2021 14:06:39 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F144 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24629513&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9220de59a725f979af5f5d6d748506319f6704b0429ebe86552f5ce9734f4541

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:06 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 8F26 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6E63B325-7B47-45A5-A124-63AA3824D5B0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=6E63B325-7B47-45A5-A124-63AA3824D5B0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=8232637830751059744
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 20 Aug 2021 13:47:07 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=8232637830751059744; expires=Tue, 19 Oct 2021 13:47:07 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 0E16
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5227709862348228970
42 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5227709862348228970
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5227709862348228970
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=6E63B325-7B47-45A5-A124-63AA3824D5B0; chkChromeAb67Sec=1; DPSync3=1630627200%3A201_197_219%7C1629504000%3A174; SyncRTB3=1630713600%3A35%7C1630627200%3A220_7_3_71_21_13_161_56_54; SPugT=1629467226
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 20 Aug 2021 13:47:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-5227709862348228970; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 19-Sep-2021 13:47:07 GMT; path=/ PugT=1629467227; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 19-Sep-2021 13:47:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 13:47:07 GMT; path=/
x-lat
lhrpug005:0:455
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5227709862348228970
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 7FD4 		43 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 20 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1518
date
Fri, 20 Aug 2021 13:47:07 GMT
content-length
43
usersync
rtb.gumgum.com/ Frame 22AA 		35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=6E63B325-7B47-45A5-A124-63AA3824D5B0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=pbm&i=6E63B325-7B47-45A5-A124-63AA3824D5B0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 20 Aug 2021 13:47:07 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F144
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bmOzJXtHRaWhJGOqOCTVsA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:07 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=134178
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 22 Aug 2021 03:03:25 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame F144
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8cf3611f-b256-4f00-acad-3742c242bf7f
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8cf3611f-b256-4f00-acad-3742c242bf7f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 20 Aug 2021 13:49:48 GMT
Server
MT3 3853 9552a83 master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8cf3611f-b256-4f00-acad-3742c242bf7f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 20 Aug 2021 13:49:47 GMT
mw
mwzeom.zeotap.com/ Frame F144
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6E63B325-7B47-45A5-A124-63AA3824D5B0
  • https://spl.zeotap.com/?zdid=1332&zcluid=71af00477ed77998
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2ac18d84-f58b-4716-5b6f-c6e895fca9d0&reqId=1a88a337-8002-453e-6e45-c492366ad85e&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECjJ1F0QTOil9pShQb8XO7w&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2ac18d84-f58b-4716-5b6f-c6e895fca9d0&reqId=1a88a337-8002-453e-6e45-c49...
95 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESECjJ1F0QTOil9pShQb8XO7w&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2ac18d84-f58b-4716-5b6f-c6e895fca9d0&reqId=1a88a337-8002-453e-6e45-c492366ad85e&zcluid=71af00477ed77998&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
681c125ea95a4e20-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESECjJ1F0QTOil9pShQb8XO7w&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2ac18d84-f58b-4716-5b6f-c6e895fca9d0&reqId=1a88a337-8002-453e-6e45-c492366ad85e&zcluid=71af00477ed77998&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F144
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkU2M0IzMjUtN0I0Ny00NUE1LUExMjQtNjNBQTM4MjRENUIw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:561
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F144
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIC1paskJoZl-iZt2To7vGI&google_cver=1
42 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIC1paskJoZl-iZt2To7vGI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:519
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIC1paskJoZl-iZt2To7vGI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F144 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 19 Aug 2021 13:47:07 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F144
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8232637830751059744
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8232637830751059744
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:06 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:379
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8232637830751059744
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame F144
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8cf3611f-b256-4f00-acad-3742c242bf7f&gdpr=0&gdpr_consent=
42 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8cf3611f-b256-4f00-acad-3742c242bf7f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:08 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:1423991
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 20 Aug 2021 13:50:23 GMT
Server
MT3 3853 9552a83 master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8cf3611f-b256-4f00-acad-3742c242bf7f&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 20 Aug 2021 13:50:22 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F144
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dcdf0bcc-9b16-424d-94a2-3084d43dd101
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dcdf0bcc-9b16-424d-94a2-3084d43dd101
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:06 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:378
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=dcdf0bcc-9b16-424d-94a2-3084d43dd101
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame F144
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8607140450650277681&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8607140450650277681&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:635
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Aug 2021 13:47:07 GMT
X-Proxy-Origin
185.156.175.109; 185.156.175.109; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0208a4d3-abf8-4b93-94ad-4a1764336241
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8607140450650277681&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6E63B325-7B47-45A5-A124-63AA3824D5B0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F144 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6E63B325-7B47-45A5-A124-63AA3824D5B0?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:07 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc0b4911258043e9964aa3b542893b4d4355701b88328b06fe20726bcfb7d10d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 20 Aug 2021 13:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8638
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 13:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 20 Aug 2021 13:47:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3B0E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yourmoneymagic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourmoneymagic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 20 Aug 2021 13:22:33 GMT
expires
Sat, 20 Aug 2022 13:22:33 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1476
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6E8E 		783 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
97f0bf7c337a079142388a994b608f4e99e62ef1391d6b2959745a03b6ff9815
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fAJGxSuzsePV6cScH0ObOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yourmoneymagic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourmoneymagic.com/

Response headers

expires
Fri, 20 Aug 2021 13:47:09 GMT
date
Fri, 20 Aug 2021 13:47:09 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-fAJGxSuzsePV6cScH0ObOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame 3B0E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 11:54:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
6784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Aug 2022 11:54:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081801&jk=3805009858636596&bg=!2Nul25_NAAZvV8FTb1c7ACkAdvg8WhYpmCCzltWzDgCAA8R39UT5YDcanU-p8Ms-_GqedQVPNmZ0cQIAAAB5UgAAAA5oAQcKAGIt6yaNF09tzbrgNWW5-y8sB2_LWa88Jee65nZK4xhe1z4ivmYwR3JE0JEjECYgRsId2gbvz3qOHuJuAOCHiqiDoQtEZ8R8Bqn5Qt4p1MY5pbqwS9cvfCf7xlF1NntMsH0_ZpkCdnE7QWbWj6Hhd888EkV3arNxx94wT1z6XJyDq-Q_2VdmCxzwX-aKRjaZEY2wZzmHcJeewvf9jddnN-0F1l6ZbFDXKW3k2JQPhqUKa6KpahlE5818CLIPRe3nyx0NxaAlfI7pWRdV4IWDdNsP2fwMB_Q4g7D6l6f6Z3qsFU8mzn9FIzs0JzsWB10L9ItGlkc9BUFm1SKDf86isTrtaRP5eSfpMOpLoAY8xWxLYIrQ9FWpy-uuk22ePS4ow4vZxxVgqo9-T0gmR3hpWil8YosDb68P2eS0CMc2Gf9ZVoNkUm_RAMLUBpmpaikB_rWMJjI9-ZHs0-uSXDk8Ga7EdyAQFK5HVEb59lZWU80mQQHg3YFkX8krjaw8azNrOEbT5JggUUuLEZ2MOq_lsaxirR-7JSXSTWrDobYNkfCEzWcPj9TfPmrRkG0ej8B_3F2_4P9VUKtftYykgb--khU13FtryQhp1noDm2pv7MGrtWaVM3Zp-ciwpYqq_85Mj4mmoWHyQ3T5Qc_MedkEjWq-9gza0-LZMfiDMnt39Eg13CYCrQ86GTNiwrnlt2akmV7q2FGi0TMTRw6gvmRMde8D4wnZyul-kjN8UhLBY0I4HmQ_L2_EPiHHe2SzWcIKj2XEC9GPfYu7wW12G0dGQOCmnky_-84mcj5AdYTHpB6kBddX7yVoXe9Ph38yalbgJVOkLcDLHX98vBVWnIBhS5t1HncuSQX8X7sfuSU83IBwcEUKNCBl2KiC5GniceI4NWwnEkEtXI8b9atDEFe2tPnK1tmQF4O31gStzOUqSC3UaV56CKtItLdxq4oIymop9_mcCs9B6viEjiOYeQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yourmoneymagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIuJvGtt6_8gIVUYr9Bx13SQzfEAAYACDY6JBJQhMI4q-ptt6_8gIVoOe7CB3aIgOs;met=1;&timestamp=1629467231203;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 349B 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIuJvGtt6_8gIVUYr9Bx13SQzfEAAYACDY6JBJQhMI4q-ptt6_8gIVoOe7CB3aIgOs;met=1;&timestamp=1629467231203;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIuJvGtt6_8gIVUYr9Bx13SQzfEAAYACDY6JBJQhMI4q-ptt6_8gIVoOe7CB3aIgOs;met=1;&timestamp=1629467241203;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 349B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIuJvGtt6_8gIVUYr9Bx13SQzfEAAYACDY6JBJQhMI4q-ptt6_8gIVoOe7CB3aIgOs;met=1;&timestamp=1629467241203;eid1=2;ecn1=0;etm1=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 13:47:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| cmp object| gdprConfiguration object| node function| __tcfapi undefined| $ function| jQuery object| wpml_cookies object| dataLayer object| googletag object| pbjs object| asc object| apstag function| cbAvantis object| ggeac object| google_js_reporting_queue object| ccpaConfiguration function| __ccpa function| __uspapi object| wpJsonpLiverampGdprCmp object| google_tag_manager object| wpJsonpLiverampCcpaCmp function| setImmediate function| clearImmediate object| __core-js_shared__ object| core object| __tfa_pixel_init object| _tfa function| fbq function| _fbq function| obApi function| pintrk function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| amzn_aps_csm object| wpcf7 function| Waypoint function| getParameterByName function| getVersionJsForAds object| GlobalSnowplowNamespace function| dtrk object| NiceScroll function| retinajs object| addComment function| lozad object| zoxWidgets object| wp boolean| apstagLOADED object| google_tag_data string| GoogleAnalyticsObject function| ga function| pbjsChunk object| _pbjsGlobals object| gaplugins object| gaGlobal object| gaData function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| OneSignal object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| BezierClass number| a object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: PugT
Value: 1629467226
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:8cf3611f-b256-4f00-acad-3742c242bf7f&KRTB&16736-uid:8cf3611f-b256-4f00-acad-3742c242bf7f&KRTB&23019-uid:8cf3611f-b256-4f00-acad-3742c242bf7f&KRTB&23114-uid:8cf3611f-b256-4f00-acad-3742c242bf7f

6 Console Messages

Source Level URL
Text
console-api log URL: https://www.yourmoneymagic.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://www.yourmoneymagic.com/wp-content/themes/zoxpress-child/js/functions-base.js?ver=3(Line 35)
Message:
Execute processAdsOnPage
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://cdn.taboola.com/libtrc/unip/1299817/tfa.js(Line 3)
Message:
Taboola Pixel: An error occurred while handling command '{"notify":"event","id":"1338279","name":"view_content","tim":1629467219205}'. TypeError: Cannot read property 'getItem' of null
console-api log URL: https://cdn.taboola.com/libtrc/unip/1299817/tfa.js(Line 3)
Message:
Taboola Pixel: An error occurred while handling command '{"notify":"event","id":"1338280","name":"view_content","tim":1629467219205}'. TypeError: Cannot read property 'getItem' of null
console-api log URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/main.js(Line 32)
Message:
3.75

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ade.googlesyndication.com
ads.avads.net
ads.avct.cloud
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.ch
adservice.google.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
amplify.outbrain.com
ap.lijit.com
b1sync.zemanta.com
b20e29ca7e6863515f37cfaf6b6e1045.safeframe.googlesyndication.com
bh.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
ccpa-wrapper.privacymanager.io
ccpa.privacymanager.io
cdn.onesignal.com
cdn.taboola.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
csync.loopme.me
ct.pinterest.com
d5p.de17a.com
dau-prod.launch.liveramp.com
decido-d.openx.net
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gdpr-web-dau-prod.privacymanager.io
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.yourmoneymagic.com
jadserve.postrelease.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.pinimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
trk.decido.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.yourmoneymagic.com
x.bidswitch.net
104.109.78.125
104.75.88.209
124.146.215.47
129.159.70.95
13.224.186.4
13.224.196.58
13.224.96.37
13.224.96.44
13.225.87.13
13.248.242.197
142.250.184.226
142.250.185.98
142.250.186.66
146.59.148.16
151.101.13.108
151.101.13.44
151.101.14.49
151.139.128.11
159.253.128.183
162.55.6.213
169.197.150.7
172.217.18.98
178.250.0.163
18.156.195.47
18.159.8.206
18.192.135.64
18.195.155.181
18.196.0.40
18.214.172.53
184.31.84.150
185.184.8.65
185.29.134.248
185.33.220.243
185.33.221.90
185.64.189.110
185.64.189.114
185.64.189.115
185.64.190.80
185.86.137.122
193.0.160.129
198.148.27.140
2.18.232.7
2.18.233.180
2.18.234.190
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::11
213.155.156.180
213.19.147.44
213.19.147.45
2600:9000:20eb:2800:3:f9b0:4040:93a1
2600:9000:20eb:9000:11:2a6a:9480:93a1
2600:9000:20eb:cc00:9:dc53:cc00:93a1
2600:9000:2190:c00:16:f82a:8600:93a1
2600:9000:21f3:6c00:0:70b1:7080:93a1
2606:4700:10::6816:1957
2606:4700:3031::ac43:d645
2606:4700::6810:125e
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:801::2001
2a00:1450:4001:809::2001
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
2a02:fa8:8806:20::2010
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:54::84
3.126.56.137
3.127.92.82
3.69.101.201
34.224.231.148
34.232.92.67
34.251.173.19
34.254.8.42
34.95.123.0
35.157.32.122
35.205.207.25
35.244.159.8
35.244.174.68
37.157.6.241
51.178.20.140
52.17.151.21
52.46.133.124
52.57.88.239
52.95.124.170
54.209.16.83
64.202.112.191
64.202.112.95
67.202.110.24
69.173.144.138
69.173.144.139
69.173.144.165
70.42.32.159
72.251.241.204
72.251.249.13
72.251.249.14
76.223.111.18
88.214.206.142
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
0148e955211fca65d7822833507e26851300dfe0225aec5e4e1ce46ae34643f5
021f8bc5e18461a2a91ee1c0b9c2c750e22402a14d789a62a8fae5e58520fed2
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077208e4c1ed7355388dfe6dd5daeb6e8bcbdc1c0ed743fb652221fea57c4769
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
090ed462db1d656761af8b2ea5657f074a2b85aabe8babd5076fa726f23fc212
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a
0b4ccd1e84ee06b88155ef435ac3dccccd744f8c3c54f325cc5ce4bedbdd694e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fc25ea3926a711e5e8fdf4fe765fc4890abdad3a882cb010bb5f149ea8c3fe6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1264ac64e82702e03cd71fbea5dfc8137bbca7ae8c33df94955f3f47add9e61f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13b53dd1d18dd1d36e0f1615d3b02e612270f546a89b95bc241138d609c0c851
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1888f4d2672705b551cc864ad14ad5f4f2b1d0813fb3778eb092fd0340410043
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f7e0fc0541ef13ade8dfbd9de3a7e2a6d0d66f125a89a80e0f76d2a92f26306
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
245affa620faec1b7e9e431d1e76c88b6b5981e97d90d537f4df7c91ab59d037
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1925a4d5b7b53f708980705003d161d5e9897e462d954f8ef9a17868d27333
2e2ffd4b4a9a876c813d8482f3d9f5ea545a4b8eaa65bfa4593ebffc27ba10ab
2ecc17ef6f2b22e18e4f779bcda128e3bc8e791befdacc6ff8bb59814e69aa8d
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
36b4cffb1084d03760e3b77b42f749c6d6a86fcc43456cc5b25ea0a17811de24
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3cedee492169be01acb80361e2b95cac22275d077925cf8676efe45954a0e9cf
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4187ccd35c686f7ee17981362e555d34ecc96f835790ffd0d18bc9383f642f6f
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44848ac40beaedbc356f81cf3864040c06808af8cf02eac9012274e69b4ef8bb
45eb4a06b8ac41231cacdee781d6a1175ed0dc544c3982b708305b281feaaab3
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a010435147d82d676f2638a14aaa9f3c04818f26d5f37824ad42a0f58f1e4f9
4cdcf2f490a1f52ac2668376445e1f1291c68a0dd31537684ad325901600801b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e44a3085560d0919748f39b3f9cc44bd139e1702c4a4b76c7f2205497232169
4f256d12de75913a1c9f9d402e145dfde8cdf1d8b219d28c7c2fb82aa189e46e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508979db5867dd8600a1dc8ee0deec843a9450e938e3f3ef2670c46db3565130
50c00fdd7c176d160b1157b4bc78af7d33c041aac06981b0cf0e6c9564be4191
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599
523537fe029a45ca2c6740638d480b07f1e713d90c50f30d11ae856cc9fc92af
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5bcb9dd1d72186cb617055272128e3c11a30dfc9a979e9237deaca99325f0b05
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
5fe9d1876afac7a3a8d9186b1479a3e9438116f5ca9b7690834adce0895935ce
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60d33689aa7a42cabfbc589c910f97f86cfd2d5f70384dbba08f495bae9911d2
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aa1ac5a5b8d0282a7214e1c53ada2dac9941767f09a68724f96b759b0650059
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c209434d68ea840d8a39cde25469f433ef0bdc1ab9690d01f0cce3d84218d38
6f035ed43c4fdc98696fa608b233927c91f4ccdf036719ee5b186d7074e175d0
73942eb1230008b95d4883cff41b90a2ee8e1e024904be6e058cb08df5f5eedf
75c44c488870aff0adb0923d62c348acadae9820f9b4263d2e4f6684a1c6b18c
76a717e3106bbce062d4ad66faba695a9e7f6ced5e392d4d178bdc7ea256dd6a
76dea9c74e06fec4adc18bac3af908d1f3a9b8bd9702621b8743bfab6b62bdac
770f6491631d45a0f5e75b98e18fcf4fb633ab5e1dcd7fa4ba90ac1e7393bfcf
77f90710965ed7d0b943cf275a9b6715efc24630087ac4ee7bc96b3d9f276193
786d8487a0225a7fdaa27bc83ac9f2eb0c37f01e84a159fcdbc8fad3c96792d0
7c1156d744cbab5118215fc365b5ef20f5eb28de21a43647f181ddd3a71b6fe7
7cfd85774537c98025d7a5a8700d7e4af76e1164b9fb3a397aaac73b937b53dc
7eb3fcbc17e537501fb619e0758d15a3cefa1acd201d6ce8fe408c26e61ef6dc
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
8222a809127ce20f5200964cdc7f58c4fc9b386f0cb0591df90a4f10ff6e2011
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c754db56f348cba0f151f0dae4180106bb2aba38e67ed3d0b99457a1bc54df
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ca13a1824d18666d986dceab4109c1049526a881b6d720e5a5e643f62ddb3c
8b268c6fd2100dc49d7adf67a529e13de334ba689e5a362f10950f840d7a4e65
8d33fc9d897a6cb58f1f0d9cc394e70adbb8a1fa6064fa246d6d913047583330
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8e958f60fbf777edbd2d9b72c92c2ecd04dfbd4083f7cdbf80ca007c6e02335f
8f99e8239d44c2b9924e17ab22681397a812dabd186dc5869ceadc3331817385
911ddf821ac39f09e17d63faa249e5cd58c6a8dd3ec0340326ee31841c6154b8
9220de59a725f979af5f5d6d748506319f6704b0429ebe86552f5ce9734f4541
92a8f9e515c054ea9c29e17e1bbcedeb19d041a3bdb4b2b5eadfbcca3f23a2a7
951ae8013e2a7f9752b5b2eb8136187309edf3e40ea9feb611eb0fa18161be50
956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97f0bf7c337a079142388a994b608f4e99e62ef1391d6b2959745a03b6ff9815
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9af98e149ed5a7af3bbfe75257ddb5a7d4bc5f0be036822f89b2a1fa809fd21e
9d9e0933815af2c32a10cbe880eb53cf5ab583d1c4d989642f2e4f21c647f4ab
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9efd0b9f20f5d1c4c8d7d019a98c508928c08add388885dc98221b142c78ce53
a1e929078ebd279e198de1cdebbd2bd57b87ea526afcfeb2b424b2fe95d80296
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d5580b7cd26c30fbecaedc3eccce6d40e07de7e6121b6142a1cfc85e402d87
a56add0a0fe88ca8ad47ea3def87d8d5934976680db80c6530c0b28529854f0b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78068412314844535393b782c600ec0bd7908a95727f9538e5b2489a797c669
a9d3ad5dfc1644e57e4b95eeeb4e4071d45e62c46a3107e8f641b5bf241e0bae
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae678694f5923e485b37da28f27136bb7a1fbd49fac1e47ea22e895607674172
b139e775a1abe8317c4ef7225c906242b9078305d8203a2156c33bfa11579869
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21758b22c5813fb752ec63f1ecaa873001752d89d21c5c3c44408b4836abf67
b4438f9701e4f8aec0eb544325c8280bb1a35a68e8e7d34c1dd2fb55b50678c3
b4a6c7e5017609aae1c61ea864259b6f8278390f4df1a12a034e8ea642cfc9fc
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28df97cbdf3b633b4cdd09616091087a08ce583709edb1788f0109ce4200f4c
c760518e16b88df5b9af7351e833381cdafd3569d99a5eb5d101fe3fb67c9f90
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8d0488512ac98a9343c03964aa052b77f4f3f0bdb0f3e8869151968b58b0e7d
c97fa680ab8feab09e2d28bdad2af0e0882e645914192285ed125b45474e9519
ca871baafac1b439af766a842f5dd0ccc025b2521a649317364a9fd2535f2f45
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cde654eb275a33ae23415dbaed7b378defbf3df8f84a0f7eacf7f808e2eb1873
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa80a0f28b948ff235be2e348a251844306bd8b9e2fc73b563774a997596be8
d28efaff3cf614549aa68db1ad993f3a3027520dcaaae77eb22b1cfb93494b00
d3d76f83030128a12bda890058c4b75b49fea0cbeea6d211830a050d16af8d85
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d71b96113bfea93a005f73ca28b4030777dde659a2ab342562547ecae1ed2522
d72c80447b30a4ed1899420300a87a9f271abeef1329bed69ac716353a1182f2
d8f87ddc5f3f36e64ed4727eb966b30c46779a2cb65264d9e9628790036ce5ba
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
e2a0913e005539dec873be4241fec4fb354e263c44cc5277be0e6dd6bf98ec86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cf33f709196b70450b8cd85e6707ff0c30052a5918227924ea322a780815a0
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab
ea40e2a92c634c790504307f6a6003da437e1fdc0f7cad0eebd5c7eefe733cb4
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d
ebbf3a903c50ba2ddaf6c9959a5a371485a5eea7f36e4c96168f48b25c1fa9a5
ed14694dc5a87fe9a8c85290596774344726a97b937f8fd4d71b92041aefa343
ed9ab377316d9cc80f3f365ae55f31d2083823b9866c2604f79844266ad668cc
eeaeb3a84a897619e4d725b6483171bc97474df901342a2350a4c7d1a5a5555c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28132336ea521a9a6f6307755e23fad66b3e5f0a533bb5332612b7b84ddaa36
f3fb140917e4a19988c60805d43030dda3837d711aa9867b3f648c2961d75b25
f767f42765a143586abafcd5f1ec1221274c58264b311bd14ea2bae8c25252ad
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
fc0b4911258043e9964aa3b542893b4d4355701b88328b06fe20726bcfb7d10d
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ff9a6714d81bf414d94cfb0874d16444bf0cdef22092dc3323b34749c35048fe