urlscan.io logo urlscan.io
SecurityTrails logo

ntdeals.net Open in urlscan Pro
184.73.36.82  Public Scan

Go To Rescan Add Verdict Report
URL: https://ntdeals.net/us-store/category/nsfw
Submission: On January 12 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 10 countries across 107 domains to perform 518 HTTP transactions. The main IP is 184.73.36.82, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ntdeals.net.
TLS certificate: Issued by Amazon on June 15th 2022. Valid for: a year.
This is the only time ntdeals.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 184.73.36.82 14618 (AMAZON-AES)
3 151.139.128.10 20446 (STACKPATH...)
14 108.138.128.101 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2a04:4e42:400... 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.35.93.28 16509 (AMAZON-02)
1 2600:9000:251... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.85.61.12 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2602:803:c002... 26667 (RUBICONPR...)
7 18 68.67.160.132 29990 (ASN-APPNEX)
4 54.237.196.214 14618 (AMAZON-AES)
3 32 35.244.159.8 15169 (GOOGLE)
10 34.236.83.94 14618 (AMAZON-AES)
4 104.36.115.111 62713 (AS-PUBMATIC)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 195.244.31.10 63140 (IGUANA-WO...)
1 5 18.205.173.16 14618 (AMAZON-AES)
4 23.105.14.96 30633 (LEASEWEB-...)
2 9 145.40.89.200 54825 (PACKET)
4 172.64.154.237 13335 (CLOUDFLAR...)
4 2620:100:a001... 19750 (AS-CRITEO)
9 2607:f8b0:400... 15169 (GOOGLE)
6 69.192.109.53 16625 (AKAMAI-AS)
13 2607:f8b0:400... 15169 (GOOGLE)
1 6 104.36.115.113 62713 (AS-PUBMATIC)
3 4 185.167.164.43 198622 (ADFORM)
5 5 151.101.194.49 54113 (FASTLY)
2 22 162.248.18.37 62713 (AS-PUBMATIC)
2 5 52.46.143.56 16509 (AMAZON-02)
3 3 74.121.140.14 30419 (MEDIAMATH...)
6 6 34.206.164.61 14618 (AMAZON-AES)
21 57 142.251.41.2 15169 (GOOGLE)
1 1 150.136.156.92 31898 (ORACLE-BM...)
1 1 199.187.193.193 47043 (SMARTADSE...)
1 1 198.148.27.140 19189 (PULSEPOINT)
8 8.28.7.83 62713 (AS-PUBMATIC)
1 74.119.119.150 19750 (AS-CRITEO)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 173.231.178.77 32475 (SINGLEHOP...)
1 2 34.200.16.206 14618 (AMAZON-AES)
2 2 54.221.123.214 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
2 2 44.205.120.122 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
6 6 199.127.204.171 26120 (RHYTHMONE)
10 11 35.71.131.137 16509 (AMAZON-02)
10 34.149.40.38 15169 (GOOGLE)
3 6 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
5 5 141.94.171.215 16276 (OVH)
3 4 52.87.25.51 14618 (AMAZON-AES)
1 1 76.13.32.147 26101 (YAHOO-BF1)
5 6 3.218.90.66 14618 (AMAZON-AES)
2 2 50.16.197.56 14618 (AMAZON-AES)
2 23.0.196.34 16625 (AKAMAI-AS)
3 3 34.171.234.26 396982 (GOOGLE-CL...)
4 4 2620:112:f002... 6336 (TURN-US-ASN)
3 7 2600:1f18:4e9... 14618 (AMAZON-AES)
1 162.248.18.34 62713 (AS-PUBMATIC)
4 4 2606:ae80:145... 25751 (VALUECLICK)
2 2 54.175.24.238 14618 (AMAZON-AES)
10 10 35.211.178.172 19527 (GOOGLE-2)
2 2 44.201.217.92 14618 (AMAZON-AES)
1 52.3.185.245 14618 (AMAZON-AES)
4 4 207.198.113.88 13768 (COGECO-PEER1)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
42 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
22 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
2 2 23.78.168.242 16625 (AKAMAI-AS)
6 104.105.42.146 16625 (AKAMAI-AS)
2 52.31.12.122 16509 (AMAZON-02)
3 5 192.40.39.223 27381 (CASALE-MEDIA)
64 2607:f8b0:400... 15169 (GOOGLE)
6 142.250.65.162 15169 (GOOGLE)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
3 5 51.222.39.185 16276 (OVH)
1 2 35.186.193.173 15169 (GOOGLE)
1 157.90.211.246 24940 (HETZNER-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 1 8.39.36.141 26667 (RUBICONPR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 3 104.18.33.19 13335 (CLOUDFLAR...)
7 10 69.173.151.100 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.94.222.140 16509 (AMAZON-02)
2 8.28.7.84 62713 (AS-PUBMATIC)
1 2 96.7.65.215 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 185.255.84.152 200271 (IGUANE-)
1 2600:1f18:612... 14618 (AMAZON-AES)
3 4 192.35.249.138 11742 (SPOTX-IAD)
2 4 54.187.41.104 16509 (AMAZON-02)
16 16 67.202.105.23 32748 (STEADFAST)
1 3 67.202.105.31 32748 (STEADFAST)
3 4 35.186.253.211 15169 (GOOGLE)
3 3 104.66.251.81 16625 (AKAMAI-AS)
1 1 31.220.27.134 39572 (ADVANCEDH...)
2 2 15.235.43.119 16276 (OVH)
1 1 107.22.187.94 14618 (AMAZON-AES)
1 1 3.92.100.173 14618 (AMAZON-AES)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
1 2600:1901:0:8... 15169 (GOOGLE)
3 74.119.119.139 19750 (AS-CRITEO)
2 162.19.138.119 16276 (OVH)
4 172.64.151.162 13335 (CLOUDFLAR...)
5 151.101.193.108 54113 (FASTLY)
1 1 37.157.3.28 198622 (ADFORM)
2 3 63.251.86.51 32475 (SINGLEHOP...)
3 3 35.190.90.30 15169 (GOOGLE)
4 6 107.178.246.49 15169 (GOOGLE)
1 3 13.225.214.50 16509 (AMAZON-02)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 141.95.98.65 16276 (OVH)
2 2 199.38.167.130 54312 (ROCKETFUEL)
12 34.117.239.71 396982 (GOOGLE-CL...)
2 2 35.71.139.29 16509 (AMAZON-02)
1 1 35.214.223.115 15169 (GOOGLE)
1 1 172.104.70.67 63949 (AKAMAI-AP...)
1 5.161.47.120 213230 (HETZNER-C...)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 195.5.165.20 44968 (IPROM-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 162.248.18.10 62713 (AS-PUBMATIC)
1 2 50.57.31.206 19994 (RACKSPACE)
1 2 3.222.96.203 14618 (AMAZON-AES)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 68.67.160.186 29990 (ASN-APPNEX)
1 1 159.65.197.210 14061 (DIGITALOC...)
4 5 54.161.176.201 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 1 52.72.175.129 14618 (AMAZON-AES)
1 1 8.43.72.98 26667 (RUBICONPR...)
1 3.218.77.41 14618 (AMAZON-AES)
518 102
12    184.73.36.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-36-82.compute-1.amazonaws.com
ntdeals.net
3    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
hb.vntsm.com
14    108.138.128.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-101.jfk50.r.cloudfront.net
cdn.ntdeals.net
2    2607:f8b0:4006:807::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a04:4e42:400::614 (United States)

ASN54113 (FASTLY, US)
assets.nintendo.com
2    2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:808::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    2606:4700:10::6816:2f8e (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    13.35.93.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-28.jfk50.r.cloudfront.net
ats.rlcdn.com
1    2600:9000:2512:5c00:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)
d1oykxszdrgjgl.cloudfront.net
1    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    52.85.61.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-12.ewr53.r.cloudfront.net
geo.privacymanager.io
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    2602:803:c002:200::42 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
18    68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    54.237.196.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-196-214.compute-1.amazonaws.com
btlr.sharethrough.com
32    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
venatusmedia-d.openx.net
us-u.openx.net
10    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
4    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
hb-api.omnitagjs.com
5    18.205.173.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-173-16.compute-1.amazonaws.com
ad.360yield.com
ice.360yield.com
4    23.105.14.96 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.96.rdns.racklot.com
prg.smartadserver.com
9    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
4    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
9    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    69.192.109.53 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-109-53.deploy.static.akamaitechnologies.com
ads.pubmatic.com
13    2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
6    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
22    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
5    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    34.206.164.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-164-61.compute-1.amazonaws.com
match.prod.bidr.io
57    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
cm.g.doubleclick.net
1    150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
8    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    173.231.178.77 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    34.200.16.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-16-206.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    54.221.123.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-123-214.compute-1.amazonaws.com
pm.w55c.net
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    44.205.120.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-120-122.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
6    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
11    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
10    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
6    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
5    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
4    52.87.25.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-25-51.compute-1.amazonaws.com
sync.crwdcntrl.net
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
6    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loada.exelator.com
2    23.0.196.34 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-196-34.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
3    34.171.234.26 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com
um.simpli.fi
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
7    2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
4    2606:ae80:1451:22::730 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
33across-match.dotomi.com
2    54.175.24.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-24-238.compute-1.amazonaws.com
sync.ipredictive.com
10    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    44.201.217.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-201-217-92.compute-1.amazonaws.com
ads.avct.cloud
1    52.3.185.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-185-245.compute-1.amazonaws.com
rtb.adentifi.com
4    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    204.2.255.233 (United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
2    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
4    2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
42    2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
4    2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
22    2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2607:f8b0:4006:823::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
12    2607:f8b0:4006:808::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.ca
2    23.78.168.242 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-168-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.105.42.146 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    52.31.12.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-12-122.eu-west-1.compute.amazonaws.com
track.venatusmedia.com
5    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
64    2607:f8b0:4006:81e::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
googleads4.g.doubleclick.net
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
5    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
ipac.ctnsnet.com
1    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
2    2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
10    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    96.7.65.215 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-7-65-215.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    2600:1f18:612b:4264:e300:4af3:2fab:c142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
4    192.35.249.138 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
4    54.187.41.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-41-104.us-west-2.compute.amazonaws.com
scotiabank.demdex.net
16    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
3    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    104.66.251.81 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-66-251-81.deploy.static.akamaitechnologies.com
px.owneriq.net
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    15.235.43.119 (Canada)

ASN16276 (OVH, FR)
PTR: ns5012066.ip-15-235-43.net
c.us1.dyntrk.com
1    107.22.187.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-187-94.compute-1.amazonaws.com
ads.yieldmo.com
1    3.92.100.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-100-173.compute-1.amazonaws.com
match.sharethrough.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
2    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
4    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
5    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    63.251.86.51 (Woodbridge, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
6    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
3    13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net
aa.agkn.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
12    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
cms-xch-chicago.33across.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    172.104.70.67 (Tokyo, Japan)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1680-67.members.linode.com
gocm.c.appier.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    3.222.96.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-96-203.compute-1.amazonaws.com
io.narrative.io
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    68.67.160.186 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
5    54.161.176.201 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-176-201.compute-1.amazonaws.com
i.liadm.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    52.72.175.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-175-129.compute-1.amazonaws.com
aorta.clickagy.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    3.218.77.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-77-41.compute-1.amazonaws.com
bpi.rtactivate.com
Apex Domain
Subdomains		 Transfer
84 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 197
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 344
366 KB
64 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 294
515 KB
64 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 153
521 KB
50 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 467
ads.pubmatic.com — Cisco Umbrella Rank: 478
image6.pubmatic.com — Cisco Umbrella Rank: 699
simage2.pubmatic.com — Cisco Umbrella Rank: 635
image2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 906
simage4.pubmatic.com — Cisco Umbrella Rank: 1192
aud.pubmatic.com — Cisco Umbrella Rank: 4053
68 KB
36 openx.net
venatusmedia-d.openx.net — Cisco Umbrella Rank: 34050
us-u.openx.net — Cisco Umbrella Rank: 417
rtb.openx.net — Cisco Umbrella Rank: 1533
6 KB
29 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 793
lexicon.33across.com — Cisco Umbrella Rank: 1711
events-ssc.33across.com — Cisco Umbrella Rank: 1775
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 4869
11 KB
26 ntdeals.net
ntdeals.net
cdn.ntdeals.net
297 KB
24 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1128
cms.analytics.yahoo.com — Cisco Umbrella Rank: 803
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 412
9 KB
24 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 211
acdn.adnxs.com — Cisco Umbrella Rank: 555
secure.adnxs.com — Cisco Umbrella Rank: 404
104 KB
24 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 465
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 842
eus.rubiconproject.com — Cisco Umbrella Rank: 548
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 5146
token.rubiconproject.com — Cisco Umbrella Rank: 572
pixel.rubiconproject.com — Cisco Umbrella Rank: 310
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1020
42 KB
23 google.com
analytics.google.com — Cisco Umbrella Rank: 337
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1966
adservice.google.com — Cisco Umbrella Rank: 74
www.google.com — Cisco Umbrella Rank: 2
54 KB
16 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1947
mp.4dex.io — Cisco Umbrella Rank: 1997
u.4dex.io — Cisco Umbrella Rank: 4455
32 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 702
dis.criteo.com — Cisco Umbrella Rank: 672
gum.criteo.com — Cisco Umbrella Rank: 388
mug.criteo.com — Cisco Umbrella Rank: 2859
10 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 509
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 529
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
8 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
6 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
5 KB
9 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 811
2 KB
7 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1700
idsync.rlcdn.com — Cisco Umbrella Rank: 350
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 595
39 KB
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 562
i6.liadm.com — Cisco Umbrella Rank: 1698
3 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 426
2 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
3 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 291
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
5 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
89 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
2 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 706
d.turn.com — Cisco Umbrella Rank: 1044
2 KB
5 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2795
2 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 554
974 B
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 561
cm.adform.net — Cisco Umbrella Rank: 1350
2 KB
5 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1583
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 545
2 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 630
ice.360yield.com — Cisco Umbrella Rank: 1875
934 B
5 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 940
match.sharethrough.com — Cisco Umbrella Rank: 497
1 KB
5 google.ca
www.google.ca — Cisco Umbrella Rank: 7961
adservice.google.ca — Cisco Umbrella Rank: 12660
2 KB
5 nintendo.com
assets.nintendo.com — Cisco Umbrella Rank: 61901
38 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 637
6 KB
4 demdex.net
scotiabank.demdex.net — Cisco Umbrella Rank: 53968
3 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 591
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
193 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 598
3 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2852
33across-match.dotomi.com — Cisco Umbrella Rank: 2749
1 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 734
1 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 518
3 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 458
2 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 984
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 590
1 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 867
3 KB
3 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1399
hde.tynt.com — Cisco Umbrella Rank: 4495
6 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 758
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
2 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3642
visitor.omnitagjs.com — Cisco Umbrella Rank: 730
1 KB
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 23664
325 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 3357
643 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1061
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3522
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 332
749 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 713
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 626
58 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 399
2 KB
2 dyntrk.com
c.us1.dyntrk.com — Cisco Umbrella Rank: 10407
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1198
638 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
2 KB
2 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 6905
ipac.ctnsnet.com — Cisco Umbrella Rank: 4828
934 B
2 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 29701
323 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4173
965 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3103
894 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 850
1023 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 538
stags.bluekai.com — Cisco Umbrella Rank: 500
976 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 24799
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 694
881 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 913
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 705
s.tribalfusion.com — Cisco Umbrella Rank: 1799
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 645
838 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 684
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1278
833 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1281
1011 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1330
104 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
123 KB
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1411
109 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1835
434 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1973
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3328
465 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5111
279 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3024
348 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5640
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 1853
395 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 805
225 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1085
398 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 614
470 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 9105
287 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1006
183 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 358
573 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 817
644 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1664
159 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4397
542 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1060
35 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3973
389 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2022
292 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1162
674 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 809
223 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 627
593 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 522
850 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1197
787 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1676
596 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 960
942 B
1 cloudfront.net
d1oykxszdrgjgl.cloudfront.net
43 KB
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 30459
678 B
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
518 107
Domain Requested by
64 s0.2mdn.net ntdeals.net
s0.2mdn.net
57 cm.g.doubleclick.net 21 redirects googleads.g.doubleclick.net
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
us-u.openx.net
38 pagead2.googlesyndication.com hb.vntsm.com
tpc.googlesyndication.com
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
ntdeals.net
d1oykxszdrgjgl.cloudfront.net
s0.2mdn.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
28 us-u.openx.net 3 redirects googleads.g.doubleclick.net
d1oykxszdrgjgl.cloudfront.net
us-u.openx.net
de.tynt.com
22 tpc.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
ntdeals.net
googleads.g.doubleclick.net
22 simage2.pubmatic.com 2 redirects ads.pubmatic.com
18 ib.adnxs.com 7 redirects hb.vntsm.com
googleads.g.doubleclick.net
ntdeals.net
acdn.adnxs.com
16 ssc-cms.33across.com 16 redirects
14 cdn.ntdeals.net ntdeals.net
13 fundingchoicesmessages.google.com d1oykxszdrgjgl.cloudfront.net
hb.vntsm.com
12 ntdeals.net ntdeals.net
11 events-ssc.33across.com hde.tynt.com
de.tynt.com
us-u.openx.net
11 match.adsrvr.org 10 redirects hb.vntsm.com
10 googleads.g.doubleclick.net 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
ntdeals.net
googleads.g.doubleclick.net
10 x.bidswitch.net 10 redirects
10 u.4dex.io ads.pubmatic.com
d1oykxszdrgjgl.cloudfront.net
hde.tynt.com
de.tynt.com
10 c2shb.ssp.yahoo.com hb.vntsm.com
9 securepubads.g.doubleclick.net d1oykxszdrgjgl.cloudfront.net
hb.vntsm.com
9 prebid.a-mo.net 2 redirects hb.vntsm.com
8 image2.pubmatic.com ads.pubmatic.com
7 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
us-u.openx.net
6 pixel.tapad.com 4 redirects us-u.openx.net
6 pixel.rubiconproject.com 3 redirects
6 googleads4.g.doubleclick.net ntdeals.net
6 eus.rubiconproject.com d1oykxszdrgjgl.cloudfront.net
eus.rubiconproject.com
hde.tynt.com
6 ups.analytics.yahoo.com 5 redirects us-u.openx.net
6 match.prod.bidr.io 6 redirects
6 image6.pubmatic.com 1 redirects ads.pubmatic.com
6 ads.pubmatic.com d1oykxszdrgjgl.cloudfront.net
ads.pubmatic.com
5 i.liadm.com 4 redirects
5 acdn.adnxs.com d1oykxszdrgjgl.cloudfront.net
hb.vntsm.com
5 onetag-sys.com 3 redirects 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
d1oykxszdrgjgl.cloudfront.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.google.com d1oykxszdrgjgl.cloudfront.net
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
ntdeals.net
5 pixel.onaudience.com 5 redirects
5 s.amazon-adsystem.com 2 redirects ads.pubmatic.com
us-u.openx.net
5 sync-tm.everesttech.net 5 redirects
5 assets.nintendo.com ntdeals.net
4 js-sec.indexww.com d1oykxszdrgjgl.cloudfront.net
4 gum.criteo.com 2 redirects d1oykxszdrgjgl.cloudfront.net
4 rtb.openx.net 3 redirects us-u.openx.net
4 scotiabank.demdex.net 2 redirects 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 token.rubiconproject.com 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
4 www.googletagservices.com 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
4 adservice.google.com d1oykxszdrgjgl.cloudfront.net
ntdeals.net
4 adservice.google.ca d1oykxszdrgjgl.cloudfront.net
ntdeals.net
4 pixel-sync.sitescout.com 4 redirects
4 ad.turn.com 4 redirects
4 sync.crwdcntrl.net 3 redirects
4 idsync.rlcdn.com 2 redirects ads.pubmatic.com
us-u.openx.net
4 sync.1rx.io 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 bidder.criteo.com hb.vntsm.com
4 htlb.casalemedia.com hb.vntsm.com
4 prg.smartadserver.com hb.vntsm.com
4 ad.360yield.com hb.vntsm.com
4 mp.4dex.io hb.vntsm.com
4 hbopenbid.pubmatic.com hb.vntsm.com
4 venatusmedia-d.openx.net hb.vntsm.com
4 btlr.sharethrough.com hb.vntsm.com
4 fastlane.rubiconproject.com hb.vntsm.com
3 aa.agkn.com 1 redirects us-u.openx.net
3 odr.mookie1.com 3 redirects
3 ap.lijit.com 2 redirects
3 mug.criteo.com
3 px.owneriq.net 3 redirects
3 ssum-sec.casalemedia.com 3 redirects
3 um.simpli.fi 3 redirects
3 sync.mathtag.com 3 redirects
3 hb.vntsm.com ntdeals.net
hb.vntsm.com
2 io.narrative.io 1 redirects
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 2 redirects
2 eb2.3lift.com 2 redirects
2 33across-match.dotomi.com 2 redirects
2 p.rfihub.com 2 redirects
2 id.rlcdn.com 1 redirects us-u.openx.net
2 static.criteo.net d1oykxszdrgjgl.cloudfront.net
hb.vntsm.com
2 id5-sync.com hb.vntsm.com
2 c.us1.dyntrk.com 2 redirects
2 de.tynt.com 1 redirects d1oykxszdrgjgl.cloudfront.net
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 simage4.pubmatic.com ads.pubmatic.com
2 fonts.googleapis.com s0.2mdn.net
googleads.g.doubleclick.net
2 track.venatusmedia.com hb.vntsm.com
2 secure-assets.rubiconproject.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 ads.avct.cloud 2 redirects
2 sync.ipredictive.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 loada.exelator.com 2 redirects
2 pippio.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 pm.w55c.net 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 hb-api.omnitagjs.com hb.vntsm.com
2 script.4dex.io d1oykxszdrgjgl.cloudfront.net
2 i.clean.gg d1oykxszdrgjgl.cloudfront.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com ntdeals.net
www.googletagmanager.com
1 bpi.rtactivate.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 stags.bluekai.com us-u.openx.net
1 i6.liadm.com us-u.openx.net
1 d.turn.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 aud.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 csync.loopme.me 1 redirects
1 cms-xch-chicago.33across.com de.tynt.com
1 lb.eu-1-id5-sync.com hb.vntsm.com
1 cm.adform.net 1 redirects
1 lexicon.33across.com hb.vntsm.com
1 match.sharethrough.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 hde.tynt.com d1oykxszdrgjgl.cloudfront.net
1 partners.tremorhub.com googleads.g.doubleclick.net
1 visitor.omnitagjs.com 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 aax-eu.amazon-adsystem.com
1 px.ads.linkedin.com
1 partner.googleadservices.com ntdeals.net
1 pixel-us-west.rubiconproject.com 1 redirects
1 ice.360yield.com 1 redirects
1 sync.richaudience.com d1oykxszdrgjgl.cloudfront.net
1 ius.ctnsnet.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 tags.bluekai.com ads.pubmatic.com
1 cms.analytics.yahoo.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 geo.privacymanager.io ats.rlcdn.com
1 ad-delivery.net hb.vntsm.com
1 d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
1 ats.rlcdn.com hb.vntsm.com
1 hb.vntsm.io hb.vntsm.com
1 www.google.ca ntdeals.net
1 analytics.google.com www.googletagmanager.com
0 api.rlcdn.com Failed hb.vntsm.com
0 cs.chocolateplatform.com Failed 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
518 165

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
psdeals.net
xbdeals.net
Subject Issuer Validity Valid
psdealsapp.com
Amazon		 2022-06-15 -
2023-07-14		 a year crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
s4-san.cloudinary.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-19 -
2023-08-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-06 -
2023-09-06		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-12-01 -
2023-03-01		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.360yield.com
Amazon		 2022-08-16 -
2023-09-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-01-06 -
2023-04-06		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
*.venatusmedia.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-12-21 -
2023-03-21		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-01-10 -
2023-04-10		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.liadm.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh

This page contains 83 frames:

Primary Page: https://ntdeals.net/us-store/category/nsfw
Frame ID: 5B42AC988008DF9106FEE3A0F3FF1D16
Requests: 200 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: EB8F7FBAFC9A7BB94376EA73E476F346
Requests: 20 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
Frame ID: 4596A1FCD3497D0687D001DD122196DD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8BvZwALQt4IwwAp&gdpr=0&gdpr_consent=&_test=Y8BvZwALQt4IwwAp
Frame ID: FA47B3F23A56060831A0432EE9BA9534
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C6778D9C-0243-4939-A202-BEE714C0F6AD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 468704F35C3622494F22099FD3D3EB15
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aa4763c0-6f67-4300-8c17-b9630f6bce3b&gdpr=0&gdpr_consent=
Frame ID: EFB9AF66714005C099C454D45BC1A285
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAClik7HgN8AACFqteByfQ&gdpr=0&gdpr_consent=
Frame ID: 95122CC4A00D10059FC97AF3CBFDF3FE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6795602408261108026&gdpr=0&gdpr_consent=
Frame ID: 386A7FD989893CD9E1989355C207089C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A00855C8CC6B73D89B7E2E26AA3D91F9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=513PP-cImjj8Wpg25laBa7RdnT78XMg6tVrtjF6N
Frame ID: 434766688776C5008CE5E2153F888A9A
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: CE855061A329AC5809D5251432D9FEBD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=da5260a6-92b8-11ed-b89e-3b17b4e5d009
Frame ID: A3B0783B49B31E4AC12FE222D362574B
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C6778D9C-0243-4939-A202-BEE714C0F6AD
Frame ID: 46824070435A3371657CE113AC949D91
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:VvYVkAPA1Pg4jJ5&gdpr=0&gdpr_consent=
Frame ID: 95B85DB3A46E6BB2D8605F95F90DD76A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=731205241210
Frame ID: E91C9444ED7B996E79F9EC33F5226670
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=nVN3NK3aM
Frame ID: 69AE647EE6FBC6FF11FFDDDA3F3760A6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hkk_KXwaT9FWyUtvuyREwpU4mbQ
Frame ID: AD1256446446CCE7FBC0D56F35AB7C37
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 7FD8C89A558F6971B3D5E54FCC3602B1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8671c17f-0d43-41af-b210-58f9931566cd-005
Frame ID: 49A6FE6592DF31D9FBA021F9CA8DFC17
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C6778D9C-0243-4939-A202-BEE714C0F6AD
Frame ID: 53D3CCC47E1067E11D3F32499AEEEB8C
Requests: 1 HTTP requests in this frame

Frame: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 80C94C2B74FE0F22206046781FC9973C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1372AF72FF536CDB91155208D8B9218B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FEE1D5F5E2A5A1D52529FBDE4D6B7B30
Requests: 2 HTTP requests in this frame

Frame: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75CD60037344830F13D8ED8F78802443
Requests: 17 HTTP requests in this frame

Frame: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8F1951087229221431C8C8400424E4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMY04nZ2wEwAQ&v=APEucNU-Y5EzifdrFvt7fHOT5vkTXn9dAUHQGOp0InnlHzyyR4Yllk5j29FaHC-V6OdBXmMupfTUImBE9fACYyOs6Q-DnqxTGPmte9Od_63HHlh8YKcXako
Frame ID: 36A79EC03B9E4736E769F3FBBA7C284B
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: 07A140D0D434988A1A72E6575331189B
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 56BB6AE1286A5006872E92DFB55AB2FF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EF367014E7B74C44EE59F8C5635EA2D6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4800917182785519616/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
Frame ID: B4F11068FEFA7E2AEC9FEE5AF0D8DE32
Requests: 8 HTTP requests in this frame

Frame: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Frame ID: 83B2860918A91184EAD0A5CF6C3A3E2B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7039023683759476
Frame ID: D910A395FCE8BB3646B867938EC7854B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
Frame ID: 6D3F93245D4DF02E54683F3BC2F0F73B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&adk=1812271804&adf=480832095&plat=2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=8&bdt=188&idt=232&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&nras=1&correlator=5406179457265&frm=23&ife=1&pv=2&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.gmvjlr53fio4&fsb=1&dtd=341
Frame ID: 5134516C8BFBBF90FBFD9BEC789576ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Frame ID: A668FB665C082DFD092EC22C84939118
Requests: 15 HTTP requests in this frame

Frame: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0B635916C1B1EDAC6F7D4098480E777A
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: 5223DB78CF62A7F9598E3A58CCF27111
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVpREBN-lArzRcRRhthDOzTIO1s7Alq1tb5MrNdpiyVrX23D4WVKs7ZVnGDe46EJyrpNGGAZzT6NM4S67-q5W38g2PWVyQ-e2EkaUVNArBRUYF5Y70
Frame ID: D1CE20CF07C17DCE5E6B8488935D5631
Requests: 5 HTTP requests in this frame

Frame: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE9D87B5D791C040D2C124F469D10363
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C9A2FF2A327111A2D880FA81277A453
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A92C0A577DD090300AF231DE5D93803
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVbqwNdfxLSC4gtipOmWLexLJiO3zTFR8YF00SHSUB_wRjm_AZ5_lmO4I29cH-xsX-ThXrACdBVKMXi69DBKqgGRdnUFYss_KnrTHL2H-xRdIkIi_E
Frame ID: 64B33300DACC7EA3603FE6E2DC0F9513
Requests: 4 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=adyoulike&uid=3237481a8a9fd40481c4dbde12a4a54d
Frame ID: CF810D010D9A2F84BF3E5A56D889D8B6
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Frame ID: C03B9CE7243518EDA299E7299745B550
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F877FACB53CF7661245BFCB1FDF4D3AF
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E751B9E9503A83D644BE9B768B5494EC
Requests: 9 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Frame ID: E4814EADF423220BFA5AB3D3DE5DB868
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Frame ID: EB3591ADFAADDB633C20D5DCAADC78B5
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1B086B4B821A17F77CD6E38CC9DB6487
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: 71A9F3145E7DCDBE3E6EB2BF2341DA77
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E26D0A5B0E91EEAA22A95EA0A8DB3B19
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 61C4B54F7E5C1158D76A6002F3E07B54
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 07070B6F1FDE394ABE3EB6060446CB82
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A30C887342D88122653884CC21FF0455
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Frame ID: 5F8AC3A5A6ECF5BE514DE78316BA85E4
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 399F0BCF6E071C97101523B26CFA242C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E45062B13796D26E6B138CA1D039C7F1
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Frame ID: FAFBC5AB74CB408004143671F69F46D1
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F30C5843E35FE4B717876956953B7F51
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Frame ID: B4FA43F81727E145910028835CE6DEAA
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Frame ID: AD17D286C274D19476F2B408AAB450C7
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D79C46FC0981D3EB79A324FE8D241EC1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 59EBFB0A5070657041BF20E00A349A43
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9A3D51885A48BF213EBBC4DC12CE806C
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Frame ID: 0461D792F7E89B62A3924CCD01EC0034
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Frame ID: D202D11587B6E561EA4BE02B53021F5A
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 07DCEDE072845C37831B8B25A5C00D51
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: 621361B35E4808514F70B13F61605647
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Frame ID: 07258DF20A6E3BD19621D4711BA971BB
Requests: 7 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 5AD13CC4B3C86C49EED069B0D7D7212F
Requests: 7 HTTP requests in this frame

Frame: https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Frame ID: 8C9BC3AB874BEEBECC60C51F5387948B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 09B5C594F830C48AE8B9C2869B1A4AB1
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ntdeals.net&gdpr=0&gdpr_consent=
Frame ID: EBB340F8766A1803A99F2F7769BC6078
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Frame ID: 268EAE43349C98592F88A33AF3B74516
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 92F7015F43E202DB8549637B36D2D74F
Requests: 12 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 0234F6FDEC0206CCE6035D314A2E1655
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=uHq78N1QAxWlpkMRa2_AYw
Frame ID: 242960635F241AED17FE6CAE9BCCA7A5
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 5489A6FDB4D6DF7D970E2FF531733FB5
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 1E8BF74F3601C3B6749832A1C2B19CF2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7268422171981694997P
Frame ID: D9D6741A17C895BD857867DEED59D454
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=8d07f92e-aa3e-4424-b806-ec4ffa4f8fbe
Frame ID: B08E4AC46376EB9DD7F748DFF1F39B29
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 30CD5DCA728E7BBEB80F136BFF94C5B3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5A5EC7D90F4544D78896FBFD4F436DFB&gdpr=0&gdpr_consent=
Frame ID: DA7B125E28E5002F6AA90B68AEA3DF95
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nsfw in Nintendo eShop — NT Deals USA

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

518
Requests

78 %
HTTPS

26 %
IPv6

107
Domains

165
Subdomains

102
IPs

10
Countries

2972 kB
Transfer

7568 kB
Size

190
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
Request Chain 115
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y8BvZwALQt4IwwAp HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8BvZwALQt4IwwAp&gdpr=0&gdpr_consent=&_test=Y8BvZwALQt4IwwAp
Request Chain 116
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C6778D9C-0243-4939-A202-BEE714C0F6AD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C6778D9C-0243-4939-A202-BEE714C0F6AD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 117
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aa4763c0-6f67-4300-8c17-b9630f6bce3b&gdpr=0&gdpr_consent=
Request Chain 118
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDbGlrN0hnTjhBQUNGcXRlQnlmUQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAClik7HgN8AACFqteByfQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAClik7HgN8AACFqteByfQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3972935914184225792&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAClik7HgN8AACFqteByfQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3972935914184225792%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3972935914184225792&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAClik7HgN8AACFqteByfQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAClik7HgN8AACFqteByfQ&gdpr=0&gdpr_consent=
Request Chain 119
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6795602408261108026&gdpr=0&gdpr_consent=
Request Chain 121
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=513PP-cImjj8Wpg25laBa7RdnT78XMg6tVrtjF6N
Request Chain 123
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=da5260a6-92b8-11ed-b89e-3b17b4e5d009
Request Chain 124
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=2d8c96bb-ba41-4bc2-b1dc-6b95365c33e7&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C6778D9C-0243-4939-A202-BEE714C0F6AD
Request Chain 125
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:VvYVkAPA1Pg4jJ5&gdpr=0&gdpr_consent=
Request Chain 126
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=731205241210
Request Chain 127
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=nVN3NK3aM
Request Chain 128
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hkk_KXwaT9FWyUtvuyREwpU4mbQ
Request Chain 129
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 130
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1673555815287 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8539519916 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/df436db8-3b49-465e-b940-8484da107c77 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8671c17f-0d43-41af-b210-58f9931566cd-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-8671c17f-0d43-41af-b210-58f9931566cd-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8671c17f-0d43-41af-b210-58f9931566cd-005
Request Chain 132
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xneNnAJDSTmiAr7nFMD2rQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xneNnAJDSTmiAr7nFMD2rQ%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 133
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C6778D9C-0243-4939-A202-BEE714C0F6AD HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEM2Nzc4RDlDLTAyNDMtNDkzOS1BMjAyLUJFRTcxNEMwRjZBRBAAGg0I596BngYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=fbf26a04e8d000e2ecbec559018a678ba443a79b32084449c25c4592775957e3791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmYmYyNmEwNGU4ZDAwMGUyZWNiZWM1NTkwMThhNjc4YmE0NDNhNzliMzIwODQ0NDljMjVjNDU5Mjc3NTk1N2UzNzkxNDI2YjU0MTdkY2UyMRAAGgwI596BngYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmYmYyNmEwNGU4ZDAwMGUyZWNiZWM1NTkwMThhNjc4YmE0NDNhNzliMzIwODQ0NDljMjVjNDU5Mjc3NTk1N2UzNzkxNDI2YjU0MTdkY2UyMRAAGgwI596BngYSBAgCEABCAEoA&google_gid=CAESEDAo95eanKyNoQddGbxG1-A&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=87fc90cd-a177-47ce-8aa2-0201f9a0cd7a
Request Chain 134
  • https://pixel.onaudience.com/?partner=214&mapped=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7928dbadf52e6b44/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=7928dbadf52e6b44/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d8a9a62d490995c6f1e1e7e433bd7c61&gdpr=0 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=252&mapped=y-sXqx9lRE2pSvA8Af4XU50YC_22v3ZAsAQA--~A&gdpr=0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=33de58fa071df0c8c87f8b102d7900b0&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=b8a9ec6e8ea33138
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzY3NzhEOUMtMDI0My00OTM5LUEyMDItQkVFNzE0QzBGNkFE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzY3NzhEOUMtMDI0My00OTM5LUEyMDItQkVFNzE0QzBGNkFE&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYlt2Tx_5H5X7pJxMr8Okw&google_cver=1
Request Chain 137
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5A5EC7D90F4544D78896FBFD4F436DFB
Request Chain 138
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 139
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=df436db8-3b49-465e-b940-8484da107c77&gdpr=0&gdpr_consent=
Request Chain 141
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C6778D9C-0243-4939-A202-BEE714C0F6AD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kzf5GOBE2uU6cz0NmBWgU7bIB0xLE7Y-~A&gdpr=0
Request Chain 142
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6778c0438e31426&is_secure=true&networkId=17100&version=1&nuid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHK1s1sjmCnwNCxzMiAAAAAAA&expiration=1673642215&nuid=C6778D9C-0243-4939-A202-BEE714C0F6AD&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 143
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a&gdpr=0&gdpr_consent=
Request Chain 144
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=8aba8345-f6c5-4666-a801-899ad621686b&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f703e948-0ee8-4818-97bd-a78dabc49609&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 146
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&gdpr=0&gdpr_consent=
Request Chain 147
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_FC649F66_869084B9&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 148
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5694345856564226757
Request Chain 174
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWh2wx9cR4OCtnQkNEYG2c&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWh2wx9cR4OCtnQkNEYG2c&google_cver=1&gdpr=0&C=1
Request Chain 194
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8BvaMNW0PM9kjBxTNi19gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWh2wx9cR4OCtnQkNEYG2c&google_cver=1
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELThwXkhEupKC-A5ukppZ-M&google_cver=1
Request Chain 196
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5NTYwMjQwODI2MTEwODAyNg%3D%3D
Request Chain 218
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPTNqyvhybr5tQFqareJwU4&google_cver=1&google_push=AavPq0PplMDZ4HVTFzLD5h0ziz-5sjU80m5QmuYCQZu4bAyCkPVnVbiRWeJkx2T_mySp-gOoVIB17yxE1uc7IhsL8BnFK8h9WpgTOg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PplMDZ4HVTFzLD5h0ziz-5sjU80m5QmuYCQZu4bAyCkPVnVbiRWeJkx2T_mySp-gOoVIB17yxE1uc7IhsL8BnFK8h9WpgTOg&google_hm=9wPpSA7oSBiXvaeNq8SWCQ==
Request Chain 219
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKvYRiNHcVgkRZWQ1S64_I4&google_cver=1&google_push=AavPq0OOyidCNDqOrvOfrbbqGEaHcATgfBOzLUN15rkAffFcJSlcvbI8Y82D2xcxvamHVAYs5lnuaBekORdXfkqWwveFoeJv9h9CTQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OOyidCNDqOrvOfrbbqGEaHcATgfBOzLUN15rkAffFcJSlcvbI8Y82D2xcxvamHVAYs5lnuaBekORdXfkqWwveFoeJv9h9CTQ&google_hm=eS1FSW1hdlNSRTJwRVRoNHpsa3htbDl2cjhHMTU3T3NrTH5B
Request Chain 220
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEO8vxOQg0q1ZYu_HrsosrJs&google_cver=1&google_push=AavPq0M4AYCoVDVDUemStYxw00_S-jPBM1RGsilUWVoj7wcgpTcIPnpg8vj219IKY1O93hV1oSD2nIo_XYul_Vrdp6DA9GUPVqOygg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTgxNzM0NzEzNDYzMzQ4NjI0NDc&google_push=AavPq0M4AYCoVDVDUemStYxw00_S-jPBM1RGsilUWVoj7wcgpTcIPnpg8vj219IKY1O93hV1oSD2nIo_XYul_Vrdp6DA9GUPVqOygg
Request Chain 221
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBiA1kwlQAvDCSVSmAK7hY4&google_cver=1&google_push=AavPq0MbyCPOmvhamPG_d987pXhfG0Mg130baKFGzmFdmhPn7DPsjGdlOZ7Gb1978AAsILRTTNp06_DIJ08tUYkwI-ocmCxdQEoshw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MbyCPOmvhamPG_d987pXhfG0Mg130baKFGzmFdmhPn7DPsjGdlOZ7Gb1978AAsILRTTNp06_DIJ08tUYkwI-ocmCxdQEoshw
Request Chain 222
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEApEsQsiKJHyIkiJU3rzt3g&google_cver=1&google_push=AavPq0MfrBi5HbVYQw3fPkKphCgIZDlE39MbjN1vRaKjXbe_P3V6CEybit_IRazTawfgcrRPaobKT178tTd1ipxOExjVaNpTJe4IdQ HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8671c17f-0d43-41af-b210-58f9931566cd-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MfrBi5HbVYQw3fPkKphCgIZDlE39MbjN1vRaKjXbe_P3V6CEybit_IRazTawfgcrRPaobKT178tTd1ipxOExjVaNpTJe4IdQ%26google_hm%3DBYZxwX8NQ0GvshBY-ZMVZs0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MfrBi5HbVYQw3fPkKphCgIZDlE39MbjN1vRaKjXbe_P3V6CEybit_IRazTawfgcrRPaobKT178tTd1ipxOExjVaNpTJe4IdQ&google_hm=BYZxwX8NQ0GvshBY-ZMVZs0
Request Chain 223
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJFsf1RlrEcF-uZH8K0-qFA&google_cver=1&google_push=AavPq0MY-1ZpxHMzp0PCufI1u6upR2Z6-0v4ApSuqpYeSpRo7fax3JeCqe7rw9WJR0_xAUfBdJUAftLURBN_E5YxMHEH8S0M2Kse40I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AavPq0MY-1ZpxHMzp0PCufI1u6upR2Z6-0v4ApSuqpYeSpRo7fax3JeCqe7rw9WJR0_xAUfBdJUAftLURBN_E5YxMHEH8S0M2Kse40I&google_hm=UzreBbHMTBS2AM1oiISqOLQ
Request Chain 224
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBiA1kwlQAvDCSVSmAK7hY4&google_cver=1&google_push=AavPq0MQWAdspETivRMs_xrubhw_CEqkvK8PEUdtLroxBXxGyAbW-58M-yH3SCk-NQUPRb_5t99hhcLwT6D_d4QpOUbcUEAGQMavHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MQWAdspETivRMs_xrubhw_CEqkvK8PEUdtLroxBXxGyAbW-58M-yH3SCk-NQUPRb_5t99hhcLwT6D_d4QpOUbcUEAGQMavHQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 246
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=f2198175-84ea-4119-999d-278ab29b1f63
Request Chain 254
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&uid=6795602408261108026
Request Chain 264
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LCTJX77B-4-86XX HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LCTJX77B-4-86XX
Request Chain 273
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=Y8BvaMNW0PM9kjBxTNi19gAADWoAAAAB
Request Chain 274
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBmN2FkOTQ5YjU5YTY0ZGZlMWVkMjU5ZGFmYTEzMjg3OGY0YzQ4Mg
Request Chain 275
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCTJX77B-4-86XX
Request Chain 276
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tyG2YpDZp4c2jPO6MoxrIQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WA1asf1E2oL6PmbvZujYYx2Aaz2EFmm0HWJ.UQ--~A
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECKLKGx_Ul4V3p5QU2Mv0aU&google_cver=1
Request Chain 278
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENUSlg3N0ItNC04NlhY
Request Chain 280
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UO25jztlQzOtLTjO08X_Rg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UO25jztlQzOtLTjO08X_Rg
Request Chain 281
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=df436db8-3b49-465e-b940-8484da107c77&gdpr=0&gdpr_consent=&expires=30
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1&gdpr=0
Request Chain 298
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzg4NzM4NmYtZGNmOC0yNmIzLWUwM2QtYTY3NzMxZDdjYjNk
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEKtclj5-89DLA3VZ1ARJVFw&google_cver=1&gdpr=0
Request Chain 300
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjJlNDE1YTMtNTIyOC00MzMyLWFhZDEtYThhMDMzNWQyY2Y3
Request Chain 319
  • https://visitor.omnitagjs.com/visitor/bsync?uid=bc65ac468bfc90e6260132832a3bc684&name=ADAGIO&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dadyoulike%26uid%3D%24UID HTTP 307
  • https://u.4dex.io/setuid?bidder=adyoulike&uid=3237481a8a9fd40481c4dbde12a4a54d
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEEBcO8-6fH2me3mlPAwpdTo&google_cver=1&gdpr=0
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEO7wxIIJOp3fB2yh6X7s3cw&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEO7wxIIJOp3fB2yh6X7s3cw&google_cver=1&__user_check__=1&sync_id=dbc0ca01-92b8-11ed-b439-154f9acf0303
Request Chain 323
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=dbc0dd7c-92b8-11ed-930c-1eb31db50403 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGJjMGM5YTYtOTJiOC0xMWVkLWI0MzktMTU0ZjlhY2YwMzAz
Request Chain 327
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&uid=6795602408261108026
Request Chain 329
  • https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3221102593 HTTP 302
  • https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3221102593
Request Chain 344
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Request Chain 374
  • https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3033174626 HTTP 302
  • https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3033174626
Request Chain 377
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOTdzPYd3tWwfSrF7jvUw6w&google_cver=1&google_push=AavPq0Nte8pw-ZShCgIc59ELmy0MrOjMfHXbKRL1xab5NdUoyXK3kzIofNrYwkRCq4LBLqUdGYeewUsUG2Eyp3JgZjD1ZcWF02Yz7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0Nte8pw-ZShCgIc59ELmy0MrOjMfHXbKRL1xab5NdUoyXK3kzIofNrYwkRCq4LBLqUdGYeewUsUG2Eyp3JgZjD1ZcWF02Yz7A&google_hm=i75hmbwJwTkTqbB5KCw_5w==
Request Chain 378
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK25Y7kBQ7h7SXrHmpi1OHA&google_cver=1&google_push=AavPq0Nou5J9Ova5WWSCo5I_s5U72qI1QK0nUMX-1uCdr6kGmk43Z9NWHjnv1vgNXCNe-eZ7a-eEjp_qLmYKgOVlohfZMs8jmuKkvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xneNnAJDSTmiAr7nFMD2rQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Nou5J9Ova5WWSCo5I_s5U72qI1QK0nUMX-1uCdr6kGmk43Z9NWHjnv1vgNXCNe-eZ7a-eEjp_qLmYKgOVlohfZMs8jmuKkvA
Request Chain 379
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEoHdwSVdKppRRwqv31Mcec&google_cver=1&google_push=AavPq0P3JIfLcUTda00plCmFlaqV21uhhoz8aQ6zO1QtUBFvjN-q1Teb3FrH-CwvaggTQ6_D5ADhGjGKQ7-qWR5mAEzaC93eNeKfAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENUSlg3N0ItNC04NlhY&google_push=AavPq0P3JIfLcUTda00plCmFlaqV21uhhoz8aQ6zO1QtUBFvjN-q1Teb3FrH-CwvaggTQ6_D5ADhGjGKQ7-qWR5mAEzaC93eNeKfAw
Request Chain 380
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELlp0OliQpeg0k76SS-7YEk&google_cver=1&google_push=AavPq0PpHRJ9wGruUeUlf5BbWhrRKhyKDUjXGtwwrWX16iPnXrNH1U5j_caFp5efeqGR2DwfXxSDc2c97ZaVyJW1CWR1Sl2I97ljtA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELlp0OliQpeg0k76SS-7YEk&google_hm=Y8BvaMNW0PM9kjBxTNi19gAADWoAAAAB&google_nid=index&google_push=AavPq0PpHRJ9wGruUeUlf5BbWhrRKhyKDUjXGtwwrWX16iPnXrNH1U5j_caFp5efeqGR2DwfXxSDc2c97ZaVyJW1CWR1Sl2I97ljtA
Request Chain 383
  • https://px.owneriq.net/ecmg?google_gid=CAESEB9IC_CEXkUzd32tT1nhhPk&google_cver=1&google_push=AavPq0OF_-XxZQyDnP6M-ABkCq-9fEEk_dPRPQSJCDt9bZU07aFyGj_khPGJA1olKl2uJkQLi1teYm1wnNhnr9mE2ogeYHFVerxP HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAavPq0OF_-XxZQyDnP6M-ABkCq-9fEEk_dPRPQSJCDt9bZU07aFyGj_khPGJA1olKl2uJkQLi1teYm1wnNhnr9mE2ogeYHFVerxP%26google_cver%3d1%26google_gid%3dCAESEB9IC_CEXkUzd32tT1nhhPk%26google_hm%3dUTcyNjg0MjIxNzE5ODE2OTQ5OTc%3d&uid=Q7268422171981694997&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AavPq0OF_-XxZQyDnP6M-ABkCq-9fEEk_dPRPQSJCDt9bZU07aFyGj_khPGJA1olKl2uJkQLi1teYm1wnNhnr9mE2ogeYHFVerxP&google_cver=1&google_gid=CAESEB9IC_CEXkUzd32tT1nhhPk&google_hm=UTcyNjg0MjIxNzE5ODE2OTQ5OTc=
Request Chain 384
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESENHz2S9nfqJtUJ_8PrejD-s&c_param1=AavPq0Njx2p6h_8w3CB2bQljoGbJxLuJllEpnLOlazuvvYhod2FydH8BuZkTF7i6liDZb2s1paNtTPiiNlVJsgb_JDa4DmvlcYzm&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0Njx2p6h_8w3CB2bQljoGbJxLuJllEpnLOlazuvvYhod2FydH8BuZkTF7i6liDZb2s1paNtTPiiNlVJsgb_JDa4DmvlcYzm
Request Chain 385
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGtJaczKi6jydSwo0vFDyzs&google_cver=1&google_push=AavPq0MKobQuY12UBQijKM9baL0cz3vmybgCpWMcZszubQP8xke63EHgXWL02zX3j6FgCvZQr4qq3DvdfMeO7umOfNtwnM26lTM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY5NDM0NTg1NjU2NDIyNjc1Nw&google_push=AavPq0MKobQuY12UBQijKM9baL0cz3vmybgCpWMcZszubQP8xke63EHgXWL02zX3j6FgCvZQr4qq3DvdfMeO7umOfNtwnM26lTM
Request Chain 386
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOTdzPYd3tWwfSrF7jvUw6w&google_cver=1&google_push=AavPq0P3oKgpZMdfNJkPfkq-tTOEedDSYb0l-vLVmI8vFRcH9zN4RuNBapBBRsLUNLhHo6gaMhGmmWnpZWkbre3Px4tr-G4-W6k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0P3oKgpZMdfNJkPfkq-tTOEedDSYb0l-vLVmI8vFRcH9zN4RuNBapBBRsLUNLhHo6gaMhGmmWnpZWkbre3Px4tr-G4-W6k&google_hm=i75hmbwJwTkTqbB5KCw_5w==
Request Chain 387
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEWUVSqaMHVOklnbBrDDJW4&google_cver=1&google_push=AavPq0MvcgQOZuEHQ2GXliDYI7EtlvMPnel4AWpP1z5TUZR2itziEvfz056lrsjgl-VDx-uDa8F3By3ThDyyyahw1Y2Wr6767QcE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MvcgQOZuEHQ2GXliDYI7EtlvMPnel4AWpP1z5TUZR2itziEvfz056lrsjgl-VDx-uDa8F3By3ThDyyyahw1Y2Wr6767QcE
Request Chain 388
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAnc8QBNngpIkM3PEM52eQE&google_cver=1&google_push=AavPq0OrtXiuDwcdXM6CwPa4ZUQZVnE6aJc8oinxIsLawRYKSyCAO9StyF2_4wMH8ELMJH5E2i_rPykc2_r6MB11oIGaDP06gusz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tS2ZOZGlaRTJ1R0lxbjdSU3JkT0tFbHo2YUtnUzhic35B&google_push=AavPq0OrtXiuDwcdXM6CwPa4ZUQZVnE6aJc8oinxIsLawRYKSyCAO9StyF2_4wMH8ELMJH5E2i_rPykc2_r6MB11oIGaDP06gusz
Request Chain 389
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOPZrRPw61K7VXUH8cyV_wU&google_cver=1&google_push=AavPq0MCxi3F8rTJAQ9dXP-707K7MO_HcPSfKdiionLM_8h2gSb3CgbJpuZNizYffMHBY4rLoWIkWIo5oN-YValT006toW8BhXz89Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f703e948-0ee8-4818-97bd-a78dabc49609&%%GOOGLE_PUSH_PAIR%%
Request Chain 429
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPeKEGtOzJ7XdYlWh9F2wNA&google_cver=1&google_push=AavPq0MLZtmMrCu3i9WUjTEUT0TflE7d37t879XFre7EVMepo6w_Qf7XPujfuCxNEclM9pd_UiwDNTDbBevQKTsk2MbhJSZ8Gkv_JA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGY0MzZkYjgtM2I0OS00NjVlLWI5NDAtODQ4NGRhMTA3Yzc3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=df436db8-3b49-465e-b940-8484da107c77
Request Chain 430
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMUIDYwHuv46d5i_YhSPLio&google_cver=1&google_push=AavPq0PsfQbh4g-POQEtG2U3PYOj5hmYgNWQPYiaLvU5-WG0pn5620EuidEwUt4cwLRIOF7piuQnrE-3Rhk7CBqGVnz_M2qpTR4I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PsfQbh4g-POQEtG2U3PYOj5hmYgNWQPYiaLvU5-WG0pn5620EuidEwUt4cwLRIOF7piuQnrE-3Rhk7CBqGVnz_M2qpTR4I&google_hm=eS1FSW1hdlNSRTJwRVRoNHpsa3htbDl2cjhHMTU3T3NrTH5B
Request Chain 431
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESED_fFg-1Bh0XTbuFbbDqcgw&google_cver=1&google_push=AavPq0NZTtS2kW1_Ls048Kf0BwAA0IA_ClUT_i5M5q-WXNSPcSKZl6SvKUUwfa1sMsOxe7ESHLXABftN_SKX5xln1-RYXmUOywHuNA HTTP 302
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESED_fFg-1Bh0XTbuFbbDqcgw&google_cver=1&google_push=AavPq0NZTtS2kW1_Ls048Kf0BwAA0IA_ClUT_i5M5q-WXNSPcSKZl6SvKUUwfa1sMsOxe7ESHLXABftN_SKX5xln1-RYXmUOywHuNA&prevuid=04030001_63c06f6a3e26f&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AavPq0NZTtS2kW1_Ls048Kf0BwAA0IA_ClUT_i5M5q-WXNSPcSKZl6SvKUUwfa1sMsOxe7ESHLXABftN_SKX5xln1-RYXmUOywHuNA&google_hm=MDQwMzAwMDFfNjNjMDZmNmEzZTI2Zg%3D%3D
Request Chain 432
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEDM_TrIfSu1dGraoMtOFjUQ&google_cver=1&google_push=AavPq0NSa9gyYTCCcAJzsb9t01FQ4Lla17xOPPc-AIHgWgs_pa9gaI_WtZa1T-5D1KAJA0UFUDVkV7Qd5wSNzom3Wuvav7kJQrf3pA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NSa9gyYTCCcAJzsb9t01FQ4Lla17xOPPc-AIHgWgs_pa9gaI_WtZa1T-5D1KAJA0UFUDVkV7Qd5wSNzom3Wuvav7kJQrf3pA&google_hm=ZzIzNzNlNjU4Njc0NTExYzI2NDg=
Request Chain 434
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAn77qSyB4yAPJOHfdwrr7k&google_cver=1&google_push=AavPq0P83RmJhfVt173NMBjVCuexWAgl2j83f8wAfUDaDzDpZwR7GhBrFEgPmHbT7RBYPmnNNbf5SSshrl93NJZKAClAD3R3TjByCwI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGFlNThjMDktOWZkZi00ODcwLWE3ZTMtNDA0N2YzNGNiMDA2&google_push=AavPq0P83RmJhfVt173NMBjVCuexWAgl2j83f8wAfUDaDzDpZwR7GhBrFEgPmHbT7RBYPmnNNbf5SSshrl93NJZKAClAD3R3TjByCwI
Request Chain 435
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOPZrRPw61K7VXUH8cyV_wU&google_cver=1&google_push=AavPq0PGF1NpaVvtdQ-5EyHjH7KNSegQiFvNNSvfyy4-1k06sooINyFQnFtYE0aQe2I4NW7F6AVby89dtgGBKBM64fzw1nDDITAuaPs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f703e948-0ee8-4818-97bd-a78dabc49609&%%GOOGLE_PUSH_PAIR%%
Request Chain 440
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntdeals.net%2F&domain=ntdeals.net&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=b-DlG3xTRTdqYW00OXo2NkdwSXRNWWYxRFJoNFlzaDVLY2tVTzNwbFd1WGdTUXhNbFIrQzNqR1BKekpZZmczWkVHMWxBWnhPT091OVNOaEpTTFVHOGVYTDduVDFjRVV5elhocHN0d2tybzgzalpzM2tKNnNTeis2eVhzL2g0QXpSRFQ1Yzk0WkhnQWhnMFVkUXBPbDkwVkN4NUFSbmxsM0g5WHF1MXZ4eXFBdTNacDN4cWNCWkhGNHdHanIydmIvenZDSFRNaGNabVNHUmFDLzliNDJOTlZtMzZ3OTF4QnJkY2FoS2dyWFVIWGYyalhRPXw&cppv=2
Request Chain 462
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=10a011f3-29c5-404c-9b5a-4999224c8fac HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-NS52uhRE2uHG4.ykuqnZeRmBcAG8_FJ.kGiygCs-~A&gdpr=0
Request Chain 463
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D10a011f3-29c5-404c-9b5a-4999224c8fac&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4833%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D10a011f3-29c5-404c-9b5a-4999224c8fac%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0xMGEwMTFmMy0yOWM1LTQwNGMtOWI1YS00OTk5MjI0YzhmYWM%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/0/4833?gdpr=0&gdpr_consent=&us_privacy=1---&A=10a011f3-29c5-404c-9b5a-4999224c8fac&bidder=adform&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0xMGEwMTFmMy0yOWM1LTQwNGMtOWI1YS00OTk5MjI0YzhmYWM%3D&uid=5694345856564226757 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4833%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D10a011f3-29c5-404c-9b5a-4999224c8fac%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0xMGEwMTFmMy0yOWM1LTQwNGMtOWI1YS00OTk5MjI0YzhmYWM%253D%26uid%3D%24UID
Request Chain 464
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LCTJX77B-4-86XX&gdpr=0&us_privacy=1---
Request Chain 465
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=10a011f3-29c5-404c-9b5a-4999224c8fac&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f703e948-0ee8-4818-97bd-a78dabc49609&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10596969928044676171&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=c3230169-53d8-44eb-aae6-f2c609f08947&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10596969928044676171&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214250604394013625293&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596969928044676171&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=f703e948-0ee8-4818-97bd-a78dabc49609&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 468
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 469
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
Request Chain 471
  • https://match.adsrvr.org/track/cmf/openx?oxid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
Request Chain 473
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
Request Chain 475
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 476
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
Request Chain 478
  • https://match.adsrvr.org/track/cmf/openx?oxid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
Request Chain 480
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
Request Chain 481
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 482
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
Request Chain 484
  • https://match.adsrvr.org/track/cmf/openx?oxid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
Request Chain 486
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
Request Chain 488
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&gdpr=0&gdpr_consent=
Request Chain 489
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=52969859-4e88-4590-bf3c-6418c8b9c451 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=52969859-4e88-4590-bf3c-6418c8b9c451
Request Chain 491
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=012e94c3-d8c8-4e77-aaa4-7c3dc2ae6485 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=012e94c3-d8c8-4e77-aaa4-7c3dc2ae6485
Request Chain 492
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6795602408261108026
Request Chain 494
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u.4dex.io/setuid?bidder=sovrn&uid=F-c0jLZH9GZkM-XkRx-i0S_5
Request Chain 496
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Request Chain 501
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 502
  • https://ssc-cms.33across.com/ps/?_=1673555818532.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://u.4dex.io/setuid?bidder=33across&uid=212076927748114
Request Chain 503
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=970033161033616790&expires=30&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f703e948-0ee8-4818-97bd-a78dabc49609 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f703e948-0ee8-4818-97bd-a78dabc49609&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 504
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1673555818532.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=aa4763c0-6f67-4300-8c17-b9630f6bce3b
Request Chain 505
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-BkgfvsRE2uEcN8xvRgEJIULyLN0xnZaV~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-BkgfvsRE2uEcN8xvRgEJIULyLN0xnZaV%7EA&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 506
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=59b7995bb0d1887&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAHK1s1sjmDbAM68T1EAAAAAAA&expiration=1673642218&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHK1s1sjmDbAM68T1EAAAAAAA&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 507
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4370361475358131527606 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4370361475358131527606&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 517
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1673555818711.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 518
  • https://ssc-cms.33across.com/ps/?_=1673555818711.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://u.4dex.io/setuid?bidder=33across&uid=212076927748114
Request Chain 519
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1676147818%26external_user_id%3Ddf436db8-3b49-465e-b940-8484da107c77 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1676147818&external_user_id=df436db8-3b49-465e-b940-8484da107c77
Request Chain 520
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1673555818711.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=Y8BvaMNW0PM9kjBxTNi19gAA%263434
Request Chain 521
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253D7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341 HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 522
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=hkk_KXwaT9FWyUtvuyREwpU4mbQ HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=hkk_KXwaT9FWyUtvuyREwpU4mbQ&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 523
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1673555818711.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=6795602408261108026
Request Chain 524
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 525
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=uHq78N1QAxWlpkMRa2_AYw
Request Chain 528
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7268422171981694997P
Request Chain 529
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=8d07f92e-aa3e-4424-b806-ec4ffa4f8fbe
Request Chain 531
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5A5EC7D90F4544D78896FBFD4F436DFB&gdpr=0&gdpr_consent=
Request Chain 532
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C6778D9C-0243-4939-A202-BEE714C0F6AD&addseg=10,33,39
Request Chain 533
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C6778D9C-0243-4939-A202-BEE714C0F6AD&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C6778D9C-0243-4939-A202-BEE714C0F6AD&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 535
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C6778D9C-0243-4939-A202-BEE714C0F6AD HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=dc9148a0-92b8-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:C6778D9C-0243-4939-A202-BEE714C0F6AD
Request Chain 536
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6795602408261108026
Request Chain 537
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cac20aa3-2990-44e5-8d75-ce027a74e9fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 538
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ntdeals.net&sn=ChromeSyncframe&so=0&topUrl=ntdeals.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=DE02qXxhc1pHblF0YWExK1pXd0wra0dNZWtTYjMrNzArZlpJRWpUeVl2ZjVCK2pWSUN3ak1lU2liVlBQaXJTQmQ1L1NLQjkxaExoNFV5QjNya2NxZHpRa01ON3RldFFEM3BLWjQxSjlRZUhJYUVQU2V1UXJMUVNOLzd5M0plc214TzRuUTVhQjZuNWF4NUFteDZhckxBenRzVzhoMVRNdm54bW5KaVdvaUxZTC9jNGt5UXZiTnprYkhIbnNURWtpeDhlRmI5U1JzZVVDVmo5SXZPeWowcVJQY1AwNndLWnIyNFdLMWl3dzRDSmZId0dyOFg1ajU0WDlOSjZSUHZXd0ZjQ0ZVdEJ5aGRvSFc2UjJxWktURFpycXRsQT09fA&cppv=2
Request Chain 541
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=970033161033616790
Request Chain 542
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=5A5EC7D90F4544D78896FBFD4F436DFB
Request Chain 543
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=545e3721-2255-4266-b75b-00c871a3c4b2 HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=545e3721-2255-4266-b75b-00c871a3c4b2&_li_chk=true&previous_uuid=537d2961544d4cbebaa4cad38e722746 HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=545e3721-2255-4266-b75b-00c871a3c4b2&previous_uuid=f4f5105737f74560870a9f040ae0936f HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID} HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8381437226329219334 HTTP 303
  • https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8381437226329219334
Request Chain 547
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=4b66df40-47f5-4459-8348-678f1f070b6c&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:02fe03964310dd8c0baef98af9bedb35
Request Chain 548
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=i75hmbwJwTkTqbB5KCw_5w==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 549
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=aa4763c0-6f67-4300-8c17-b9630f6bce3b
Request Chain 550
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a
Request Chain 556
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LCTJX77B-4-86XX HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LCTJX77B-4-86XX HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LCTJX77B-4-86XX&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 562
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C6778D9C-0243-4939-A202-BEE714C0F6AD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c3230169-53d8-44eb-aae6-f2c609f08947%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=c3230169-53d8-44eb-aae6-f2c609f08947%2C%2C

518 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nsfw
ntdeals.net/us-store/category/ 		129 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7b78cd63c8bd4d81ce3262856c2d9d5fe7b3ffaea537ea038a7426f657b9df43

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, s-maxage=10
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 12 Jan 2023 20:36:53 GMT
retry-after
120
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
x-mod-pagespeed
1.13.35.2-0
opensansbold.woff2
ntdeals.net/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ntdeals.net/fonts/opensansbold.woff2
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8c9fba713be2ea7e35b6e266736a713c00328d61759e401890794831b6db525e

Request headers

Referer
https://ntdeals.net/us-store/category/nsfw
Origin
https://ntdeals.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
cache-control
max-age=31536000, public
last-modified
Thu, 05 Jan 2023 07:43:47 GMT
server
Apache/2.4.29 (Ubuntu)
accept-ranges
bytes
content-length
24448
expires
Fri, 12 Jan 2024 20:36:53 GMT
flaticon.woff
ntdeals.net/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ntdeals.net/fonts/flaticon.woff?1vtdvj
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
acecf7a5e2cf3c138368f1028b7bd72fbc948456e2819e315e47cdb282651282

Request headers

Referer
https://ntdeals.net/us-store/category/nsfw
Origin
https://ntdeals.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
last-modified
Thu, 05 Jan 2023 07:43:47 GMT
server
Apache/2.4.29 (Ubuntu)
content-type
application/font-woff
cache-control
max-age=31536000, public, s-maxage=10
accept-ranges
bytes
content-length
16824
expires
Fri, 12 Jan 2024 20:36:53 GMT
opensans.woff2
ntdeals.net/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ntdeals.net/fonts/opensans.woff2
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2c003703a07bac02b8e42b49562a2cdb95b9b68ef4bd669b6c9c7e9919f7dbe7

Request headers

Referer
https://ntdeals.net/us-store/category/nsfw
Origin
https://ntdeals.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
cache-control
max-age=31536000, public
last-modified
Thu, 12 Jan 2023 08:19:24 GMT
server
Apache/2.4.29 (Ubuntu)
accept-ranges
bytes
content-length
24908
expires
Fri, 12 Jan 2024 20:36:53 GMT
opensanssemibold.woff2
ntdeals.net/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ntdeals.net/fonts/opensanssemibold.woff2
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c461ff90a396b258ae4a9ae5707588aeb2af074537683ce3fba9de5160dd62f9

Request headers

Referer
https://ntdeals.net/us-store/category/nsfw
Origin
https://ntdeals.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
cache-control
max-age=31536000, public
last-modified
Thu, 05 Jan 2023 07:43:47 GMT
server
Apache/2.4.29 (Ubuntu)
accept-ranges
bytes
content-length
25028
expires
Fri, 12 Jan 2024 20:36:53 GMT
ad-manager.min.js
hb.vntsm.com/v3/live/ 		1 MB
314 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
6874ae9768713bc153ca59dbb900d5b69e3169878b19a386aa53468beac8e531

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 20:36:54 GMT
Content-Encoding
gzip
Venatus-CDN-HB-Rule-Version
1.1
X-IP
149.56.153.180
Connection
keep-alive
Content-Length
320210
x-sp-metadata
HS256.CPb6gZ4GEokBCiQwMmMyZmMxMC0zYWE0LTQ4MjUtYjgyYS04Mjk5MGY0ZGU2OWYQ4JXNi7XC/AIaBgjm3oGeBiIOMTQ5LjU2LjE1My4xODAokIEDMAI4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ4ODgwNjgwNS0wZmNhLTQ4ZTEtOGMzNC0zMjE2YTRlZWRlOGQY0sUTIhgIAhIUY2RzMTc2LmRjMi5od2Nkbi5uZXQ=.GTlLhi+tp5VUkCHHYZ2BC2ZiGfJB85EkDVNWxRx+zGQ=
Last-Modified
Thu, 12 Jan 2023 16:02:36 GMT
ETag
"e0bb97052f1d0c0a27f5eeb3aa32a641"
X-HW
1673555813.cds072.dc2.hn,1673555814.cds176.dc2.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Geo, Content-Type,x-bl,x-geo-subdivision
Cache-Control
max-age=325
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
X-Geo
CA
A.ntdeals.min.css,qv=1673511564.pagespeed.cf.YnvseeB343.css
ntdeals.net/css/ 		270 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntdeals.net/css/A.ntdeals.min.css,qv=1673511564.pagespeed.cf.YnvseeB343.css
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b9f8426ffb62c5e57a6a324322bef16c4f64bcc6624b5b33a42ee89d2982539c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/us-store/category/nsfw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-original-content-length
278607
last-modified
Thu, 12 Jan 2023 20:25:31 GMT
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300,private
accept-ranges
bytes
content-length
45212
expires
Thu, 12 Jan 2023 20:30:31 GMT
xheader-icon.png,qv=2.pagespeed.ic.ZgRdDug_xS.webp
ntdeals.net/images/ntdeals/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntdeals.net/images/ntdeals/xheader-icon.png,qv=2.pagespeed.ic.ZgRdDug_xS.webp
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
10c706503e230ab828d5264a02ae9685ff8534cdc4a82ad00d070d88160933b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/us-store/category/nsfw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
last-modified
Thu, 12 Jan 2023 20:09:58 GMT
server
Apache/2.4.29 (Ubuntu)
x-original-content-length
3627
etag
W/"0"
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
link
<http://ntdeals.net/images/ntdeals/header-icon.png?v=2>; rel="canonical"
content-length
3112
expires
Fri, 12 Jan 2024 20:09:58 GMT
icon_gift_cards.png
cdn.ntdeals.net/images/collections/ 		535 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_gift_cards.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55772ce46fd6bfaf9f52883fd3446e205f8f40f56d2d1221d145369f7fc04064

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 22:34:00 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
8114575
etag
"75b3d985a4d0b19c697c76475b735deb"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
535
x-amz-cf-id
zmZ2eeqvme7usP7xb47sl8CgiITalrVBtVXecdplBKz3tgYTv8lpxQ==
icon_news.png
cdn.ntdeals.net/images/collections/ 		552 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_news.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b57654fc6addbe0f8be824f16a8c441684a44035f9d479ab2d4a27211ea4188c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 02:53:19 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
9827016
etag
"fc0f7f4f3eeb4c1f9eee3c818d72d3d6"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
552
x-amz-cf-id
19W__z5yN4OweyhTxZJRverYa23XFbpFgwTWQsJEWUW9qxEPPor8bg==
icon_most_wanted.png
cdn.ntdeals.net/images/collections/ 		753 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_most_wanted.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38a22a966e9ad9ea25bb216937c89ef411257bb740485269f64dc479b460a07d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 02:53:19 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
9827016
etag
"49a0adc2e649257d33b99a548afc7745"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
753
x-amz-cf-id
zj3ACVwT-n6JDKIMX07Zb0XTALuIzEuyqgGSdZCx-Wa7wOntuPTWGg==
icon_trending_deals.png
cdn.ntdeals.net/images/collections/ 		821 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_trending_deals.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a596ab5527384287bbf13a19ecd5b1ebd4f00778a2658d3f0ea0f487fcfcde3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 05:11:53 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
4461902
etag
"eca53019f28a9f47a3924ad24210a48e"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
821
x-amz-cf-id
1cCf9Wl4mRqVe52vd18Bkazkn7g4GO9ljSdhqXz_IoDWSnDfO4uNFA==
icon_new_releases.png
cdn.ntdeals.net/images/collections/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_new_releases.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74df4908545bccf208a577926579ec97b600ddfff04826072eaac353d796e085

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 02:53:19 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
9827016
etag
"5cdd58e90f01b78dd9a229c8bf962656"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1064
x-amz-cf-id
wJJSaFyR0jGVtbo5JiFrvYwpnFCoH8CGCjFuHIatOKhmvuPDgq_t3Q==
icon_upcoming_releases.png
cdn.ntdeals.net/images/collections/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_upcoming_releases.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81fbeec1cb6f6bdc7f8ef5bf619a04c1e4d25d5ebbf2aa19d9fc37ff9b909396

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 02:53:19 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
9827016
etag
"d91ad4f38b3fbfda251812d0f3077549"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1212
x-amz-cf-id
YXkGuzjLs1AGTJjlEXN-smXDHpCOjiYNniHNdJwydE6OdjDCe3IRMQ==
icon_free_to_play.png
cdn.ntdeals.net/images/collections/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_free_to_play.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
394b86857818dcb04e2902bc214acc06961eb16db11d6bd1ceecf3842f376af2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 02:53:19 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
9827015
etag
"75eb2b6507e4bd584cba3897da5485a5"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1274
x-amz-cf-id
fkBI10RpsiIU3labMvo1BIwE4OfVopLqan_IHl36awJpVR9dsPh65Q==
icon_huge_discounts.png
cdn.ntdeals.net/images/collections/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_huge_discounts.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ee130c21e03f08b413eafe6e53b9798fc637195b9dc5e24201348ce19c36ff5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 05:11:54 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
4461901
etag
"283bc63a92b99078930377db17356b86"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1092
x-amz-cf-id
eWociqNnQsJS2Z0nf3CNHRStD99E6qhECcuV-b_Gld45vY_Yf-MSGQ==
icon_cheaper_than_ever.png
cdn.ntdeals.net/images/collections/ 		863 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_cheaper_than_ever.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c593e33f1f123ec64d478409423dc6f494cb92e657db1cde304003a8f6f87e86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 06:41:48 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
7653307
etag
"1d9f4136f1c6bc9d0fb6a13ada735644"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
863
x-amz-cf-id
wNRLtWH-kkZ_O7jLzaFJK8Hr0vxvBrBLsLx7j6r3U2lnE9YFrSftOw==
icon_top_rated_metacritic.png
cdn.ntdeals.net/images/collections/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_top_rated_metacritic.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
887968ced83e0d2d8a07993f4d1bcca15d9d1786a15c20ee915f28029f7745fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 13:56:33 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
7627222
etag
"b3596121c57474988347331a7b234101"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1145
x-amz-cf-id
pri5xHsFqMxhDROH8gLHpI67RI0ix6Tq_JXEeVspwsCQ2jPCbMwcmA==
icon_top_rated_metacritic_sale.png
cdn.ntdeals.net/images/collections/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_top_rated_metacritic_sale.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
962073cf06c6c9ef8d8bd2073ee16c0e6ae2298dd9dd491177182d0d7588a908

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 02:53:19 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
9827016
etag
"c03c6e2fd7dd1d3ca78526a43b8379b9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1417
x-amz-cf-id
NMJZUiy87cbAjKpjaDxDFJUwnXMju6khXuy1cS8ZL96eUwLusCdOMQ==
icon_top_rated.png
cdn.ntdeals.net/images/collections/ 		830 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_top_rated.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
861ba4f310c188b9f4fc930bcfe1eda29cb73f6e7b18dbf79eb71ef46d5fe37c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 02:53:19 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
9827016
etag
"de0da538e286fec2f843492d3259f3ee"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
830
x-amz-cf-id
lNC1-S361Ew8djdfulp2PNFW6sgxCRMzSEj4PcE1_gpGXSJSJtG0fA==
icon_top_rated_sale.png
cdn.ntdeals.net/images/collections/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_top_rated_sale.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e7309650868663bad5ffb3de950665eb9dc8b6ac5b68759ca57cf6c12d848c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 02:53:19 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
9827016
etag
"b108773bae1965d130bd82daf722ffd1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1144
x-amz-cf-id
5ZfIGQZNgEzqdjSyPqrghpUGRBNPFMpEKWljbMfQHr7G3-Dk1oUSjw==
icon_recently_added.png
cdn.ntdeals.net/images/collections/ 		939 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ntdeals.net/images/collections/icon_recently_added.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7a253af6fe7ba13f22185774e803b6f7375eb9c7ce46a604eb1bf0fb4ad6fa3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 02:53:19 GMT
via
1.1 c3e66686bc7ab6e675ee9210e15097b6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 09:05:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
9827016
etag
"46b750ece298c19f98f9d085b298dc44"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
939
x-amz-cf-id
OMD-IiDJyetKSfGkW689fNpxW0J02zN8mMQ_WJ3jRnk3Z17WU22x6Q==
gtm.js
www.googletagmanager.com/ 		118 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N7P8CRG
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
868316285fd667c5bdeb213c796d76bcb4db143004b20aded8f6f6f96d5b48e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46787
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 18:56:52 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Jan 2023 20:36:53 GMT
common.min.js
ntdeals.net/js/ 		200 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntdeals.net/js/common.min.js?v=1673511564
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
04279e10a9562cb187f99d1fdab407bd98e5f9cde72111cb0ce4e841d2bcae60
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/us-store/category/nsfw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Jan 2023 07:43:47 GMT
server
Apache/2.4.29 (Ubuntu)
x-original-content-length
205103
etag
W/"PSA-bUdKcV1XpG"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
60835
expires
Fri, 12 Jan 2024 20:03:43 GMT
products.min.js
ntdeals.net/js/ 		92 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntdeals.net/js/products.min.js?v=1673511564
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6369615e86fa496df0947913f3125895bf37873f64b984cdb2b4018593454c75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/us-store/category/nsfw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Jan 2023 08:19:24 GMT
server
Apache/2.4.29 (Ubuntu)
x-original-content-length
94718
etag
W/"PSA-s1Jl0gY2F_"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
23310
expires
Fri, 12 Jan 2024 20:24:23 GMT
flaticon.ttf
ntdeals.net/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ntdeals.net/fonts/flaticon.ttf?1vtdvj
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/css/A.ntdeals.min.css,qv=1673511564.pagespeed.cf.YnvseeB343.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2f95e6b480b25d296ff79287ad3db5d2bc297574529d704b5c472be174f74d97

Request headers

Referer
https://ntdeals.net/css/A.ntdeals.min.css,qv=1673511564.pagespeed.cf.YnvseeB343.css
Origin
https://ntdeals.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
last-modified
Thu, 12 Jan 2023 08:19:24 GMT
server
Apache/2.4.29 (Ubuntu)
content-type
application/font-sfnt
cache-control
max-age=31536000, public, s-maxage=10
accept-ranges
bytes
content-length
16748
expires
Fri, 12 Jan 2024 20:36:53 GMT
truncated
/ 		1020 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72d65da2bd3d7db6a0776801af62663ff9ab941a8cdb6a58974a8f002cc36c35

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		611 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ae59acaccceedcddd27d83ec079e1ff5b50f9859a2235640255cb5357cc790

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		190 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e89d6c18dff9155be6cb340d81a43a87c5f4331e827fd046a9692da403e68bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		228 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97e2e3d7f578f8034153ffdb9429bce5e06ed2a8e7f12f8fd31870b2a5fbbe1c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		910 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa23dba484378fb62789c25a426be03ac3174765ffe94a0ec667d094c755de45

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		228 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1123fb1f32516a5fcc033f95d32f6aaf0fedc95dfa47fa699a17b79470c126

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		394 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ec4b3e6b24caa338f574abe2cb683afa92895d62ec3f410bd457adf3cdfad1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd1eb20bd3af11c55034b224e05afa9b9d5ffece0a0eeb6457f2d17cebe88093

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3811302dec9cedfe06b861e4b204ac93f1747adec27a30c09ccbb3d8d919396

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		522 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9798839211a3636fbf4b821f83bf4be56cb190be543dad8632b215a1b7b02f5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6f465ac6e2d83d0d3c0ee76f492a21035ac0cd2deb9b0df3571d9d07201b828

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		400 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dce6ad4eb0a26d1309d112249d3cacd3d0b00d2c8bd1da58cbeeba371d2346

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64e7b9419ef130ab107ec8067bffaa6fddc8109bcb21e17e987e706c2dd248cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		226 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56af375523d1ffb3f33e991a5668daec243766eb81c59f2952c95d078ad13c01

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		232 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e95ff8c97512f62fbe14b834a15effcdbb9f889a587ab62f4d0411adf667948

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		283 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d47247991d3e22b0adcdf63c581e07ef084cd52f342a7e4ca0e492e8c064b3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		230 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22f6d597a4c3eb3e142c05d2b719573df8c0412ee0b5989b9f87662436c8355b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		232 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
833ccb96c82008cec3fbee08b6983dd83909c2618e50ee2f6453c78deecf215e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		232 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73a9e8c3f157a8ea8c7d393c63d47861a89bbc9b0f3fa525f51425084d584261

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		312 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf68aba0ee8fc71deae4a2d3a52280fccb613da0a2cd7c2f83ee5445053dfe27

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		390 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbd68abb7408d409f50e0ddf8a34e7b709876b8143d76ffd31576482a691c936

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		434 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c891b903dbc2d45c67f6db4209a0a663bdef3ab067eab8c11e1949a642c01e41

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		674 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9f587a6bfc7f679437ceac342f8fa2ac30ee91a7af0772ecafca246fd04b921

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		402 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae941e6c06daea098fee308d08f6d8a3f4b967b2e4273497e4722ca9a358945a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		228 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10ff6e2736cee93d6d3272e94b6f7c8bddaa703a3b06f63b9e546c3513998d65

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		574 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ec05c104f43d239808b1585b0f00a9349c64dfcb24dee9fdb01d845d48a0593

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		226 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73f53ebc8d6267d938335fad203e7618164714d4e6568a57bc144d65f626d6f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		202 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4552d692dfbeff75f419473d418160cab77f5d5df75e0eb71677a103d521b60

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		275 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f8dc1bcc58f4aa963546cb9eb8cc66c58cde616185749385ac1e8408299f056

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		234 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7973d60074cd40519e027a693a9195e49b5d194ad335ff13610c3dd04ba1d62

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		232 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f84bbf3a1777392fc641049e353e8ef042ee137531438573414d21d73fe9186

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		532 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dd9eabfe480f5c4de32008a9523e97d2822d74326d515691d7f70c5189d0ca9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
823297171319da0a489f780895bda275d75f977c661dafe345d54198d781f265

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1001 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c84af3b2e049778bd7e4e7015dfb48f40457e4c7fbbc09caa005ef5aa13e4cd4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		311 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c47a34a61516246dcd755ffdac2ed3df54c42b2a6419dd628ec1fb861835edd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba69f749254ca9bfe7bc469d575644646b7fd4a456481a048d882e98d4b2e68a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		255 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f1987b77d326ae73f98cb278f166b064425dd38f5afdcc5f1bb4f49ba1ea54a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		932 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7419fe4ddfda61b50f08b51e66acc116aa7d6dbb8366aa606e7e3092f9f6e504

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		896 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52b4629284d19524bcd23aeb739f07b4088581ce852004b8b763d5f74da26dca

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8e9f7c66d3a7f928c706e4e56bce81e4398cf025f62df83ff49c1419104d87b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a33693b6728570e7f62eaf833a21f3b435d21822f2c78d970c14ceae112fd206

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/webp
profile-noimage-undefined.png
ntdeals.net/images/ntdeals/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntdeals.net/images/ntdeals/profile-noimage-undefined.png
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/css/A.ntdeals.min.css,qv=1673511564.pagespeed.cf.YnvseeB343.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
93a7296c64bab9cea88cf627a04abca75eea8286c96b185aa3b3e8d26890591f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/css/A.ntdeals.min.css,qv=1673511564.pagespeed.cf.YnvseeB343.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Jan 2023 08:19:24 GMT
server
Apache/2.4.29 (Ubuntu)
etag
W/"PSA-33MaXr_MY2"
content-type
image/png
cache-control
max-age=31536000, public, public
accept-ranges
bytes
content-length
2502
expires
Fri, 12 Jan 2024 20:24:55 GMT
hero
assets.nintendo.com/image/upload/c_scale,w_165/ncom/en_US/games/switch/a/a-maiden-astrologer-divines-the-future-switch/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nintendo.com/image/upload/c_scale,w_165/ncom/en_US/games/switch/a/a-maiden-astrologer-divines-the-future-switch/hero
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
db30143f1c2b83ead5e6daf51323589300e7854d7f78c09eeff66365e1b9e584
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 19 Dec 2022 18:00:30 GMT
server
Cloudinary
etag
"524f24f30f131860c3450d12e1a839b2"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=85;cpu=0;start=2023-01-12T20:36:54.252Z;desc=miss,rtt;dur=11,cloudinary;dur=65;start=2023-01-12T20:36:54.260Z
accept-ranges
bytes
timing-allow-origin
*
content-length
9093
hero
assets.nintendo.com/image/upload/c_scale,w_165/ncom/en_US/games/switch/m/my-lovely-wife-switch/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nintendo.com/image/upload/c_scale,w_165/ncom/en_US/games/switch/m/my-lovely-wife-switch/hero
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
611b4f822458cafc176aed8ea7700c5bc61b240970ddf487114a195745b72cd7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 01 Aug 2022 19:39:54 GMT
server
Cloudinary
etag
"8912e1edb8db9f1ea83aadeb0bc530ec"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;cpu=0;start=2023-01-12T20:36:54.253Z;desc=hit,rtt;dur=11
accept-ranges
bytes
timing-allow-origin
*
content-length
8721
hero
assets.nintendo.com/image/upload/c_scale,w_165/ncom/en_US/games/switch/v/virtual-maid-streamer-ramie-switch/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nintendo.com/image/upload/c_scale,w_165/ncom/en_US/games/switch/v/virtual-maid-streamer-ramie-switch/hero
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3482b0f58986bb2a21b25f19b026bf2119f40847375fa106b86e2ee879739f83
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 01 Aug 2022 20:17:01 GMT
server
Cloudinary
etag
"40fcc860281ca1156ffb61bb5ee3d134"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=110;cpu=0;start=2023-01-12T20:36:54.253Z;desc=miss,rtt;dur=11,cloudinary;dur=93;start=2023-01-12T20:36:54.261Z
accept-ranges
bytes
timing-allow-origin
*
content-length
4984
hero
assets.nintendo.com/image/upload/c_scale,w_165/ncom/en_US/games/switch/2/20-ladies-switch/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nintendo.com/image/upload/c_scale,w_165/ncom/en_US/games/switch/2/20-ladies-switch/hero
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
e814cb8be95a08e7e11e8069723410678cdb023dca270a876bce9cbdded424c8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 01 Aug 2022 20:17:02 GMT
server
Cloudinary
etag
"328c0d528d51f7ab848abef792929d4c"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=92;cpu=0;start=2023-01-12T20:36:54.253Z;desc=miss,rtt;dur=11,cloudinary;dur=76;start=2023-01-12T20:36:54.260Z
accept-ranges
bytes
timing-allow-origin
*
content-length
5095
hero
assets.nintendo.com/image/upload/c_scale,w_165/ncom/en_US/games/switch/f/fantasy-tavern-sextet-vol1-new-world-days-switch/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nintendo.com/image/upload/c_scale,w_165/ncom/en_US/games/switch/f/fantasy-tavern-sextet-vol1-new-world-days-switch/hero
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
bd142af183857a6125f0298689da21484d28743442be20a399e13f8e96b3f889
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Wed, 03 Aug 2022 08:42:36 GMT
server
Cloudinary
etag
"a5d8ca4b594615da9da8dd651778f83c"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=2;cpu=1;start=2023-01-12T20:36:54.252Z;desc=hit,rtt;dur=11
accept-ranges
bytes
timing-allow-origin
*
content-length
9962
js
www.googletagmanager.com/gtag/ 		219 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2FMSBQ636B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7P8CRG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0895d253627a1d68cbd5a7c905b3b91760943c8d613544293d4fba1f16241c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78059
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 12 Jan 2023 20:36:54 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7P8CRG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 18:44:02 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6772
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 12 Jan 2023 20:44:02 GMT
collect
analytics.google.com/g/ 		0
335 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2FMSBQ636B&gtm=2oe1a1&_p=1191119096&_gaz=1&cid=1472796446.1673555814&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673555814&sct=1&seg=0&dl=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&dt=Nsfw%20in%20Nintendo%20eShop%20%E2%80%94%20NT%20Deals%20USA&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2FMSBQ636B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
344 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2FMSBQ636B&cid=1472796446.1673555814&gtm=2oe1a1&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2FMSBQ636B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2FMSBQ636B&cid=1472796446.1673555814&gtm=2oe1a1&aip=1&z=939983954
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62fa2f488cf5ca48e4df7c8e.enc
hb.vntsm.com/v2/live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/62fa2f488cf5ca48e4df7c8e.enc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
BunnyCDN-MN1-968 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ref_url
Access-Control-Request-Method
GET
Origin
https://ntdeals.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Type
application/octet-stream
Date
Thu, 12 Jan 2023 20:36:54 GMT
Server
BunnyCDN-MN1-968
Transfer-Encoding
chunked
X-HW
1673555814.cds007.dc2.hn,1673555814.cds007.dc2.sl
cdn-cache
HIT
cdn-pullzone
131999
cdn-requestcountrycode
CA
cdn-requestid
04a1d8779ec6fb2e82d5c93337eb4ba4
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
x-bl
0 0
content.html
hb.vntsm.io/ 		32 B
678 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
GMRNH9RCNB1YSZ62
content-length
32
x-amz-id-2
vPFTbC/pcVF4NHubpMRNQnHaF6Pi1xLQdejw+V6hyV9zBrx2eNZWH5apRCESBs5L5lrPJs8Uh34=
geo
US
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7888afe00982178c-EWR
62fa2f488cf5ca48e4df7c8e.enc
hb.vntsm.com/v2/live/ 		127 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/62fa2f488cf5ca48e4df7c8e.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
BunnyCDN-MN1-968 /
Resource Hash
8ff9984e0c22e994ba9e18075b769baef53ab32d60bb33c327d7ae275acd61f8

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
ref_url
aHR0cHM6Ly9udGRlYWxzLm5ldC91cy1zdG9yZS9jYXRlZ29yeS9uc2Z3

Response headers

Date
Thu, 12 Jan 2023 20:36:54 GMT
Content-Encoding
br
cdn-edgestorageid
968
Transfer-Encoding
chunked
cdn-cachedat
01/12/2023 16:52:31
cdn-pullzone
131999
Connection
keep-alive
Last-Modified
Thu, 22 Dec 2022 10:30:12 GMT
Server
BunnyCDN-MN1-968
cdn-proxyver
1.03
cdn-requestpullcode
200
ETag
W/"53d13ff25b02f7491cda663227bce789"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
cdn-cache
STALE
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
Access-Control-Expose-Headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
Access-Control-Allow-Credentials
true
x-bl
0, 0
Cache-Control
public, max-age=86400
cdn-requestid
eff10467af1bf2aef3a1f63fa275f726
X-HW
1673555814.cds007.dc2.hn,1673555814.cds007.dc2.sl
cdn-requestcountrycode
CA
Access-Control-Allow-Headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
collect
www.google-analytics.com/j/ 		2 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1191119096&t=pageview&_s=1&dl=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ul=en-us&de=UTF-8&dt=Nsfw%20in%20Nintendo%20eShop%20%E2%80%94%20NT%20Deals%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=2128034773&gjid=274704075&cid=1472796446.1673555814&tid=UA-201602235-1&_gid=31629594.1673555814&_r=1&gtm=2wg1a1N7P8CRG&z=671461266
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-201602235-1&cid=1472796446.1673555814&jid=2128034773&gjid=274704075&_gid=31629594.1673555814&_u=YCDACEAABAAAACAAI~&z=1326696259
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 12 Jan 2023 20:36:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
mod_pagespeed_beacon
ntdeals.net/ 		0
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ntdeals.net/mod_pagespeed_beacon?url=http%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.36.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-36-82.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/us-store/category/nsfw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
cache-control
max-age=0, no-cache
server
Apache/2.4.29 (Ubuntu)
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
via
1.1 1d0c8380d9f12c4c559633dbe9e5eeca.cloudfront.net (CloudFront)
date
Thu, 12 Jan 2023 01:04:40 GMT
x-amz-cf-pop
JFK50-P8
age
70335
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
4ksLZfH55bzmDBUuPw8sQlL4bMFGNcOB870D0TY4ZTJff8Ylzib8XQ==
script.js
d1oykxszdrgjgl.cloudfront.net/ 		122 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:5c00:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
600549da4b913b7bc87c29ace7cdb71ab18af1450edde0fc65b72e60a64aff84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
3uL.fflNwKVKj5ZfbgLuN5oyfDqKLFfv
content-encoding
gzip
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
date
Thu, 12 Jan 2023 20:35:53 GMT
last-modified
Thu, 12 Jan 2023 15:58:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
62
etag
W/"c5859a02cbc6fce6d2060c2fae0e31ec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
iv86uneb3K-PEHijU6d-aaJxrTRlQLvEOag-bZqf9PfmTcaQVGvpDA==
px.gif
ad-delivery.net/ 		43 B
942 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
643105
x-guploader-uploadid
ADPycdsfAatSVMk3nF08C7PmGERfxm07xvb-S9ceUCSRHKrbdrJi-ilkofp5W8gm-USRath5NQHlNyo2Lz6mbEfNDx07Ow
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BovtRNP7m0dcNYK2%2B5bypQSxGMmZpjorqFoYoSXYzv04xi%2FY8WOcWEVKJsfJSLBVrpiB%2BjT7ZI70i0GiglucUNT%2Fj87E75j0e9yU%2FZ8QzCLY%2BUCcPM5mhOVLDfznS5GfBVBFIMa3RCGEauGlmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7888afe0fe810ce1-EWR
expires
Thu, 05 Jan 2023 10:09:37 GMT
/
geo.privacymanager.io/ 		30 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-12.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 11:12:32 GMT
via
1.1 d1dad7d3c339d87d553c26a84c9ca5d2.cloudfront.net (CloudFront), 1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, EWR53-P1
age
33862
x-amzn-requestid
c4033257-be24-404c-ad29-d7bfe19abc6b
x-amzn-trace-id
Root=1-63bfeb20-32b1f16954d171e80d7e0db9;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
eoGtEGaJDoEFTkg=
content-length
30
x-amz-cf-id
zijBdbe9t95-wZQy3r5AyHZ-njoqKgpywVhHeKzpFgzKSYdRRVLRzw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ntdeals.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 12 Jan 2023 20:36:54 GMT
server
nginx/1.21.6
via
1.1 google
localstore.js
script.4dex.io/ 		483 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 20:36:54 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
12136
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIY7SEq7PL8cg1u7NKIK7KYniAHYMjGaorkhreuVcCUxqzNRWQw%2BgtBBw7z54DOYy45MNLqaHsvmM8fRw5vNOmqqMb%2FdCCEcfhpKqgIDkfc1s6drVOtLNEQ18w1%2BCcVsm354KDBgcyvpKZmf"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7888afe26dfb5590-EWR
fastlane.json
fastlane.rubiconproject.com/a/api/ 		268 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=15&alt_size_ids=2%2C13%2C14%2C16%2C55%2C57&rp_schain=1.0,1!venatus.com,62fa2ce38cf5ca48e4df7c8c,1,,,&eid_pubcid.org=f5c11dc8-ab37-4c3e-9244-c827f62552ba%5E1&rf=https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw&tk_flint=pbjs_lite_v7.17.0&x_source.tid=37ebce9a-3ae1-4632-a9aa-b773adf5313b&l_pb_bid_id=216d92badbed9e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.869645511889293
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
201bd0993558825eebc7d6ec7024c006ef526d18c02614542f48f4675454b0ea

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:54 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ntdeals.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
268
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:54 GMT
AN-X-Request-Uuid
9cfa46e6-4f65-4b69-8357-493eeb89f098
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ntdeals.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.196.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-196-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ntdeals.net
Date
Thu, 12 Jan 2023 20:36:54 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.196.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-196-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ntdeals.net
Date
Thu, 12 Jan 2023 20:36:54 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
arj
venatusmedia-d.openx.net/w/1.0/ 		174 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=37ebce9a-3ae1-4632-a9aa-b773adf5313b%2C37ebce9a-3ae1-4632-a9aa-b773adf5313b%2C37ebce9a-3ae1-4632-a9aa-b773adf5313b%2C37ebce9a-3ae1-4632-a9aa-b773adf5313b&nocache=1673555814740&pubcid=8744d4fc-bc08-47e0-af0b-34269f1236a0&schain=1.0%2C1!venatus.com%2C62fa2ce38cf5ca48e4df7c8c%2C1%2C%2C%2C&aus=970x250%2C336x280%2C970x90%2C300x250%2C728x90%2C250x250%2C200x200%7C970x250%2C336x280%2C970x90%2C300x250%2C728x90%2C250x250%2C200x200%7C970x250%2C336x280%2C970x90%2C300x250%2C728x90%2C250x250%2C200x200%7C970x250%2C336x280%2C970x90%2C300x250%2C728x90%2C250x250%2C200x200&divids=1001-63748c3a3b26ed111bd0ed87-1%2C1001-63748c3a3b26ed111bd0ed87-1%2C1001-63748c3a3b26ed111bd0ed87-1%2C1001-63748c3a3b26ed111bd0ed87-1&aucs=%2C%2C%2C&auid=539871857%2C539871861%2C539871862%2C539871863
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e1473fbc3e9521e6eac81ce245b8eb07588acdeaafd89e78cd26b1185a60f6bc

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ntdeals.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96907201777748ca014e23a617029f&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
79c4089dd8b8a56d737ce6c84eaa86b5d948c3d9f08c0ebfda9f8d16ba9a3941

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96956701777748ce2a4e20cfb002e0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0f56c7ec5b28bc17be84d4fc7a853227ff53cee33be098dd57b8c3a1fcba84da

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a969d4401777748c6904e2136d8029f&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fdef3705c7951ad3cbe8ee801c2da8128f30453c86b7fa48e4f01e31729f5fd1

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96907201777748ca014e42a12102a6&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
eb2a1a8193721d57b0b3dccb36c4c65bd079eed582855261b3b1801046b1c29c

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		1002 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ae45116e43190032bbeaedf5bf24980f6f838ff6650d1bb8da0103a94f22dc7

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Thu, 12 Jan 2023 20:36:54 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 1001-63748c3a3b26ed111bd0ed87-1, Process Seats Booster. unable to get the seat booster engine for organization: 1090
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7888afe26e40ecea-YUL
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&CanonicalUrl=https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
fc7f90033595967517f150decb32769bdf652cd7827c34cca03547a6e4a6e5b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
93
content-length
180
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
pb
ad.360yield.com/ 		0
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.173.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-173-16.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:54 GMT
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.96 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.96.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:54 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ntdeals.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
c
prebid.a-mo.net/a/ 		0
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=171882&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22332ef785cbc292f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw%22%2C%22tmax%22%3A2000%2C%22syncsPerBidder%22%3A8%2C%22adunitcode%22%3A%221001-63748c3a3b26ed111bd0ed87-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223468ec9cf0449a5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2237ebce9a-3ae1-4632-a9aa-b773adf5313b%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2262fa2ce38cf5ca48e4df7c8c%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f5c11dc8-ab37-4c3e-9244-c827f62552ba%22%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da6d1cebb17eb10c2ddf35c5e4de57151d391b57f121048d8192bb5606c2a2e

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyD%2FOJSPW1XC3h8ProyGrhrAFJX6%2BOlDE9Bb60WKADuQ1oFa1dYIn2trtz8KV0zXmKYVbRXZzPBNFinooA0jQtkPwcLHW7nicYyjhmcDQCKpTWWZWIQg9G6p%2Fe%2Fan7OjbCseYt5w"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7888afe2af59549d-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=96042661325&lsavail=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0359319be6c3e5b8ff3dd10965ba14fb1504671f602c58f9cf0e443ec9a9c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27579
x-xss-protection
0
server
sffe
etag
"1450 / 964 of 1000 / last-modified: 1673551707"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 12 Jan 2023 20:36:54 GMT
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 20:36:54 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GVQ6RB413J9NMPF7
Age
1749507
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
pKJc5oqKBb2d3wkgO+hGJI1kGnZzMI3KaEz46DsA/2A6SVlCHAEktutO3YKrntl3m9WAZcno8h7j4DBjy+Atbw==
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Bs9cADflyuhZwhKGpwUmOwZh7wnQzvik5tTCdx8cO52SNutFPfDU6jcaGRk2nbq%2BCS82WAWVXUXfNUAQvhNrzNRvbtIXBci%2FW%2B8TCfZQsiRKCiStdUyEPNBi8DmZefZi9VEDFtADYqueZGg"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
7888afe33b75c32c-EWR
pubads_impl_2023010501.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132895
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 09:36:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 12 Jan 2024 19:28:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		163 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ntdeals.net
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fa569e6bca289708deb07a240157e526d352df6ca9daea839a6e0a3653e195b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0
expires
Thu, 12 Jan 2023 20:36:54 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB8F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51963
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
Fri, 13 Jan 2023 11:02:58 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
154013155
fundingchoicesmessages.google.com/i/ 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00e681fdb1daf6c445f4f763203ddc366f28dc35a8afe3f472d73cc679130c59
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VH5u-SwIb4yKiiaZ6zC5QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VH5u-SwIb4yKiiaZ6zC5QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame EB8F 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52047655&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6c032ba7289a6560a84b6808a56b01fa01574017ad33b0981bb77600f48765ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 12 Jan 2023 20:36:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 4596
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame FA47
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8BvZwALQt4IwwAp&gdpr=0&gdpr_consent=&_test=Y8BvZwALQt4IwwAp
1 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8BvZwALQt4IwwAp&gdpr=0&gdpr_consent=&_test=Y8BvZwALQt4IwwAp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 12 Jan 2023 20:36:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y8BvZwALQt4IwwAp&gdpr=0&gdpr_consent=&_test=Y8BvZwALQt4IwwAp
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4565-YYZ
x-timer
S1673555815.277725,VS0,VE0
dcm
s.amazon-adsystem.com/ Frame 4687
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C6778D9C-0243-4939-A202-BEE714C0F6AD&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C6778D9C-0243-4939-A202-BEE714C0F6AD&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C6778D9C-0243-4939-A202-BEE714C0F6AD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 12 Jan 2023 20:36:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RWHMT45NP5WVEF2D534K

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 12 Jan 2023 20:36:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C6778D9C-0243-4939-A202-BEE714C0F6AD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MAQD4QB0Q547N1RAX54C
Pug
simage2.pubmatic.com/AdServer/ Frame EFB9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aa4763c0-6f67-4300-8c17-b9630f6bce3b&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aa4763c0-6f67-4300-8c17-b9630f6bce3b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 12 Jan 2023 20:36:55 GMT
Expires
Thu, 12 Jan 2023 20:36:54 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master iad-pixel-x29 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:aa4763c0-6f67-4300-8c17-b9630f6bce3b&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 9512
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDbGlrN0hnTjhBQUNGcXRlQnlmUQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAClik7HgN8AACFqteByfQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAClik7HgN8AACFqteByfQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3972935914184225792&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAClik7HgN8AACFqteByfQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3972935914184225792%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3972935914184225792&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAClik7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAClik7HgN8AACFqteByfQ&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAClik7HgN8AACFqteByfQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 12 Jan 2023 20:36:55 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAClik7HgN8AACFqteByfQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 386A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6795602408261108026&gdpr=0&gdpr_consent=
42 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6795602408261108026&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
16922967-8e9a-4e30-ab41-2ba0c4904e37
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 12 Jan 2023 20:36:55 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6795602408261108026&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
usersync.aspx
dis.criteo.com/dis/ Frame A008 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:54 GMT
expires
Thu, 12 Jan 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
502984
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 4347
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=513PP-cImjj8Wpg25laBa7RdnT78XMg6tVrtjF6N
42 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=513PP-cImjj8Wpg25laBa7RdnT78XMg6tVrtjF6N
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=513PP-cImjj8Wpg25laBa7RdnT78XMg6tVrtjF6N
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
141
match.deepintent.com/usersync/ Frame CE85 		0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Thu, 12 Jan 2023 20:36:54 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame A3B0
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=da5260a6-92b8-11ed-b89e-3b17b4e5d009
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=da5260a6-92b8-11ed-b89e-3b17b4e5d009
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=da5260a6-92b8-11ed-b89e-3b17b4e5d009
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-2
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 4682
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=2d8c96bb-ba41-4bc2-b1dc-6b95365c33e7&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C6778D9C-0243-4939-A202-BEE714C0F6AD
42 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C6778D9C-0243-4939-A202-BEE714C0F6AD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.16.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-16-206.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Thu, 12 Jan 2023 20:36:55 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 12 Jan 2023 20:36:55 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C6778D9C-0243-4939-A202-BEE714C0F6AD
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 95B8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:VvYVkAPA1Pg4jJ5&gdpr=0&gdpr_consent=
42 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:VvYVkAPA1Pg4jJ5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 12 Jan 2023 20:36:55 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:VvYVkAPA1Pg4jJ5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-03270c747d63b1a04@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E91C
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=731205241210
42 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=731205241210
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=731205241210
Pug
simage2.pubmatic.com/AdServer/ Frame 69AE
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=nVN3NK3aM
42 B
207 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=nVN3NK3aM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=nVN3NK3aM
vary
Origin
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame AD12
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hkk_KXwaT9FWyUtvuyREwpU4mbQ
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hkk_KXwaT9FWyUtvuyREwpU4mbQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 12 Jan 2023 20:36:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hkk_KXwaT9FWyUtvuyREwpU4mbQ
i.match
s.tribalfusion.com/z/ Frame 7FD8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7888afe5e88b7145-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7888afe53f507145-YUL
content-type
text/html
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
3557
Pug
simage2.pubmatic.com/AdServer/ Frame 49A6
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1673555815287
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8539519916
  • https://sync.1rx.io/usersync/tradedesk/df436db8-3b49-465e-b940-8484da107c77
  • https://sync.targeting.unrulymedia.com/csync/RX-8671c17f-0d43-41af-b210-58f9931566cd-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8671c17f-0d43-41af-b210-58f9931566cd-005
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8671c17f-0d43-41af-b210-58f9931566cd-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 12 Jan 2023 20:36:55 GMT
ETag
RX8671c17f0d4341afb21058f9931566cd005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8671c17f-0d43-41af-b210-58f9931566cd-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
setuid
u.4dex.io/ Frame 53D3 		0
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)C6778D9C-0243-4939-A202-BEE714C0F6AD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB8F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xneNnAJDSTmiAr7nFMD2rQ%3D%3D&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xneNnAJDSTmiAr7nFMD2rQ%3D%3D&gdpr=0&gdpr_consent=&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=51963
accept-ranges
bytes
content-length
5554
expires
Fri, 13 Jan 2023 11:02:58 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame EB8F
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=C6778D9C-0243-4939-A202-BEE714C0F6AD
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEM2Nzc4RDlDLTAyNDMtNDkzOS1BMjAyLUJFRTcxNEMwRjZBRBAAGg0I596BngYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=fbf26a04e8d000e2ecbec559018a678ba443a79b32084449c25c4592775957e3791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmYmYyNmEwNGU4ZDAwMGUyZWNiZWM1NTkwMThhNjc4YmE0NDNhNzliMzIwODQ0NDljMjVjNDU5Mjc3NTk1N2UzNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmYmYyNmEwNGU4ZDAwMGUyZWNiZWM1NTkwMThhNjc4YmE0NDNhNzliMzIwODQ0NDljMjVjNDU5Mjc3NTk1N2UzNzkxNDI2YjU0MTdkY2UyMRAAGgwI596BngYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=87fc90cd-a177-47ce-8aa2-0201f9a0cd7a
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=87fc90cd-a177-47ce-8aa2-0201f9a0cd7a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=87fc90cd-a177-47ce-8aa2-0201f9a0cd7a
date
Thu, 12 Jan 2023 20:36:55 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
33141
tags.bluekai.com/site/ Frame EB8F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7928dbadf52e6b44/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=7928dbadf52e6b44/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d8a9a62d490995c6f1e1e7e433bd7c61&gdpr=0
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
  • https://pixel.onaudience.com/?partner=252&mapped=y-sXqx9lRE2pSvA8Af4XU50YC_22v3ZAsAQA--~A&gdpr=0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=33de58fa071df0c8c87f8b102d7900b0&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=b8a9ec6e8ea33138
62 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=b8a9ec6e8ea33138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
23.0.196.34 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-196-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 12 Jan 2023 20:36:57 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=b8a9ec6e8ea33138
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzY3NzhEOUMtMDI0My00OTM5LUEyMDItQkVFNzE0QzBGNkFE&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzY3NzhEOUMtMDI0My00OTM5LUEyMDItQkVFNzE0QzBGNkFE&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYlt2Tx_5H5X7pJxMr8Okw&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYlt2Tx_5H5X7pJxMr8Okw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYlt2Tx_5H5X7pJxMr8Okw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5A5EC7D90F4544D78896FBFD4F436DFB
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5A5EC7D90F4544D78896FBFD4F436DFB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 12 Jan 2023 20:36:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5A5EC7D90F4544D78896FBFD4F436DFB
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 11 Jan 2023 20:36:55 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=df436db8-3b49-465e-b940-8484da107c77&gdpr=0&gdpr_consent=
42 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=df436db8-3b49-465e-b940-8484da107c77&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=df436db8-3b49-465e-b940-8484da107c77&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
C6778D9C-0243-4939-A202-BEE714C0F6AD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EB8F 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C6778D9C-0243-4939-A202-BEE714C0F6AD?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C6778D9C-0243-4939-A202-BEE714C0F6AD&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kzf5GOBE2uU6cz0NmBWgU7bIB0xLE7Y-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kzf5GOBE2uU6cz0NmBWgU7bIB0xLE7Y-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Kzf5GOBE2uU6cz0NmBWgU7bIB0xLE7Y-~A&gdpr=0
date
Thu, 12 Jan 2023 20:36:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6778c0438e31426&is_secure=true&networkId=17100&version=1&nuid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHK1s1sjmCnwNCxzMiAAAAAAA&expiration=1673642215&nuid=C6778D9C-0243-4939-A202-BEE714C0F6AD&...
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHK1s1sjmCnwNCxzMiAAAAAAA&expiration=1673642215&nuid=C6778D9C-0243-4939-A202-BEE714C0F6AD&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHK1s1sjmCnwNCxzMiAAAAAAA&expiration=1673642215&nuid=C6778D9C-0243-4939-A202-BEE714C0F6AD&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a&gdpr=0&gdpr_consent=
1 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 20:36:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a&gdpr=0&gdpr_consent=
Date
Thu, 12 Jan 2023 20:36:55 GMT
Connection
keep-alive
X-CI-RTID
f0726cc7-ec40-44d5-8f74-97001e51c907
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=8aba8345-f6c5-4666-a801-899ad621686b&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f703e948-0ee8-4818-97bd-a78dabc49609&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f703e948-0ee8-4818-97bd-a78dabc49609&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f703e948-0ee8-4818-97bd-a78dabc49609&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 12 Jan 2023 20:36:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame EB8F 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.185.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-185-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&gdpr=0&gdpr_consent=
42 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:54 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame EB8F
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_FC649F66_869084B9&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
204.2.255.233 , United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-356542615; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:55 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-356542615; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame EB8F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5694345856564226757
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5694345856564226757
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5694345856564226757
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
AGSKWxWapxKBu0dIKPkLWgSBoHM1Aw4PDpdvjVru8-nK6vFq9nz8Wj3p1S2yf85vhfceH4a0inUqsUg7zSWYKpalLHI=
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWapxKBu0dIKPkLWgSBoHM1Aw4PDpdvjVru8-nK6vFq9nz8Wj3p1S2yf85vhfceH4a0inUqsUg7zSWYKpalLHI=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjczNTU1ODE1LDI4NDAwMDAwMF0sIjc1RUU1MTNDLTAxQUQtNDYzRi1COEIyLUIyOUU3RDcyMEIyRSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vbnRkZWFscy5uZXQvdXMtc3RvcmUvY2F0ZWdvcnkvbnNmdyIsbnVsbCxbWzgsIkdHWldRMGlHb204Il0sWzksImVuLVVTIl1dXQ
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71027d64ceb49192efada89c7a9cf3e4987fc90c3a4e02edbc95ed20f9108cc1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U7DGf11AN2cV3L6KcCUi1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-U7DGf11AN2cV3L6KcCUi1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=ntdeals.net
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ntdeals.net
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2214960316387150&correlator=2585627866874310&eid=31071091%2C31071522%2C31071524%2C21065724%2C31071351&output=ldjh&gdfp_req=1&vrg=2023010501&ptt=17&impl=fifs&gdpr=0&tfua=0&tfcd=0&iu_parts=21726375739%3A21621083319%2CVM_62fa2f488cf5ca48e4df7c8e&enc_prev_ius=%2F0%2F1&prev_iu_szs=200x200%7C250x250%7C728x90%7C300x250%7C970x90%7C336x280%7C970x250&ifi=1&adks=296857842&didk=3712602260&sfv=1-0-40&prev_scp=hb_pb%3D0.11%26hb_adid%3D63748c3a3b26ed111bd0ed87-1002%26hb_iv%3D1%26sv%3D1%26re_ve%3Dfadd46ec-v7.17.0_fo%26pg_ld_id%3D2a0b3c99321b2641e63d54cf2d0e3c46%26mo%3Dscan%26ac_id%3D62fa2ce38cf5ca48e4df7c8c%26si_id%3D62fa2f488cf5ca48e4df7c8e%26pl_id%3D63748c3a3b26ed111bd0ed87%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-22%252010%253A30%253A10%26ta_si%3D200x200%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D62e1e331b0218a1f14096bca0079fa68%26to_sp%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1673555815325&lmt=1673555815&dlt=1673555813785&idt=1208&adxs=700&adys=258&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&frm=20&vis=1&psz=970x-1&msz=200x-1&fws=4&ohw=1140&ga_vid=1472796446.1673555814&ga_sid=1673555815&ga_hid=1191119096&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9bcdd72fa5c62e032dfa12ed7ef239863ff15dffe8e87462441d79a68a69cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9768
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		969 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2214960316387150&correlator=2744618302199571&eid=31071091%2C31071522%2C31071524%2C21065724%2C31071351&output=ldjh&gdfp_req=1&vrg=2023010501&ptt=17&impl=fifs&gdpr=0&tfua=0&tfcd=0&iu_parts=21726375739%3A21621083319%2CVM_62fa2f488cf5ca48e4df7c8e&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=143189805&didk=1023882324&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1673555815338&lmt=1673555815&dlt=1673555813785&idt=1208&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1472796446.1673555814&ga_sid=1673555815&ga_hid=1191119096&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67ceb97caf06aadcd3994b00e2b9d22e0f5b4dc405e5127cef728c5c7f7fbf1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
462
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2214960316387150&correlator=3485358188245284&eid=31071091%2C31071522%2C31071524%2C21065724%2C31071351&output=ldjh&gdfp_req=1&vrg=2023010501&ptt=17&impl=fifs&gdpr=0&tfua=0&tfcd=0&iu_parts=21726375739%3A21621083319%2CVM_62fa2f488cf5ca48e4df7c8e&enc_prev_ius=%2F0%2F1&prev_iu_szs=200x200%7C250x250%7C728x90%7C300x250%7C970x90%7C336x280%7C970x250&ifi=3&adks=296857841&didk=3712602261&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D63748c3a3b26ed111bd0ed87-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3Dfadd46ec-v7.17.0_fo%26pg_ld_id%3D2a0b3c99321b2641e63d54cf2d0e3c46%26mo%3Dscan%26ac_id%3D62fa2ce38cf5ca48e4df7c8c%26si_id%3D62fa2f488cf5ca48e4df7c8e%26pl_id%3D63748c3a3b26ed111bd0ed87%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-22%252010%253A30%253A10%26ta_si%3D200x200%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D62e1e331b0218a1f14096bca0079fa68%26bf_br%3D17100000%26af_im%3D17100000&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1673555815342&lmt=1673555815&dlt=1673555813785&idt=1208&adxs=700&adys=1161&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&frm=20&vis=1&psz=970x-1&msz=200x-1&fws=4&ohw=1140&ga_vid=1472796446.1673555814&ga_sid=1673555815&ga_hid=1191119096&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a088f976a6a0a44d164331db202c0d22ae2d6cd681345c33ae2724b47a8431dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10548
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023010501&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e45f098abc00b84ed7affc3b656104a67762dcacb125e16b6ce3d2d0c485e6ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11147
x-xss-protection
0
container.html
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 80C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
Fri, 12 Jan 2024 20:36:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2023010501.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023010501.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6ac622d38ff7386ff10f9d4fdf98898e1c1b08963329333177455579c8e0acc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 16:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13848
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 09:36:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 12 Jan 2024 16:24:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:36:55 GMT
AGSKWxUU__uQ4NU5dfYRpofXOnYRG_ANKjexW1np9LAmsEm_TfB4eHxjeGlY0GXeSolZ7xe3M08-7-zrnm9w0PWOg1z4pRnzslRMy-kCG5N4Z-1HQpsl-pr8FD53k6Q2QQldZGQRbjCDNQ==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUU__uQ4NU5dfYRpofXOnYRG_ANKjexW1np9LAmsEm_TfB4eHxjeGlY0GXeSolZ7xe3M08-7-zrnm9w0PWOg1z4pRnzslRMy-kCG5N4Z-1HQpsl-pr8FD53k6Q2QQldZGQRbjCDNQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjczNTU1ODE1LDQ5MjAwMDAwMF0sIjc1RUU1MTNDLTAxQUQtNDYzRi1COEIyLUIyOUU3RDcyMEIyRSIsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMl0sImh0dHBzOi8vbnRkZWFscy5uZXQvdXMtc3RvcmUvY2F0ZWdvcnkvbnNmdyIsbnVsbCxbWzgsIkdHWldRMGlHb204Il0sWzksImVuLVVTIl1dXQ
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc62f01a9a000691ec8548fee72ffd99e066d8951ff376a6bbdac1685fb74a25
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G0SrhaKslbO0nb5mnV-gdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-G0SrhaKslbO0nb5mnV-gdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1372 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
4096
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 19:28:39 GMT
expires
Fri, 12 Jan 2024 19:28:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FEE1 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f618c253623c3a2d0fee0d2427f1ac8b10c1927ab9a6d1f91d710a2ce0e07a7e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g03bCfvHHhrUhr8nMEwHvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-g03bCfvHHhrUhr8nMEwHvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
Thu, 12 Jan 2023 20:36:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 1372 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 19:28:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FEE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023010501&jk=2214960316387150&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
container.html
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75CD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
Fri, 12 Jan 2024 20:36:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8F1 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:55 GMT
AN-X-Request-Uuid
efa83155-67ff-4566-945f-cb6bec511b16
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ntdeals.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 36A7 		645 B
683 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMY04nZ2wEwAQ&v=APEucNU-Y5EzifdrFvt7fHOT5vkTXn9dAUHQGOp0InnlHzyyR4Yllk5j29FaHC-V6OdBXmMupfTUImBE9fACYyOs6Q-DnqxTGPmte9Od_63HHlh8YKcXako
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 75CD 		83 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BM4vf1-cp7HTc4BHqxGnUBfKIJk2I_e8H2FCDXjH4fTqsvKXDVIiprSrdYG_G8rKATlhg0m4BCEjSNam-fi3ZqI_L6SNTL92yEIPnewezd1fgcymSA9lCPXA17dHfXlP0zq4-yr3_sZxiRCBvmofLG17SdD23hSgK_S-gzU_lz4GLWtok&cry=1&dbm_d=AKAmf-CujCfsqMmed57ZHSV0p-gUp70sBp_TrtDsEPsDYn1VSEXqH-6dWglcH0UmAu0e26yWMq-sHh3VV0CXfKG8qLvLL1sNRwik-jHmVVSzAkEakB2pOMXunxH1pyuSwkfr12gU7OWUW7E97Dg-hrnsiJHjkC2MsdMUQvJinJtfCFWr2YfdP56oQivn1sb32gjKVGM9TR8v02l8mdxkJg0qpyr1Q5FjGobMEMHXLIGg7rF92Ciek5DeJVCG410d6rh3yOKAV1sZlwvrWQvi4rME-L6kY-rbxhlhTSnS9G5ONYHBokzPNc2BXWDorvJ3yI4_rrsvIQKA8H4t0L1E0evsN25jZ7us0gZlog1HQTsAgRLkwomaNo5ZnQQB6SqcrqlsKaLOpeq3fA4jp2T_MBlVonxLahco9ORnqijuDFGemHBr9PxlQrFyElySb7ugQ16rQ4hDeg0jizgMmi2ejnqU0ST0KbBm-Z5e6CkbxLIX84WHaOfsgvfE3deBqdzwryJVmkP6Y_56yJitSHNIZd_DhpyzzLjHfyNz7S0why7y1_LXprwlvtXLihOaaJw6J8QSixTb8r2UfMtI_sSO5OwdSkdWpOxEw5MzNXWhm-Yi-SnuHO5a5KoWBXe1rVgDmIWzdm89Kva3bBjn7bPTI61oOzhW9tg7MvdojZhabvmXNF2jXljZt7HOyH_XZaacuwerpYICrj2l4W6aIRgsf3oRlAB8a3kazNVCMcC0BluQAUqFImsOw3Wq3c3hsYi401fTcpcq78EIG6QjU2YdcGzo4qBL5P1CFODFF6pEXtdAwu968Tn82XiNl2Oi6bjLSRzYtJ-FIMe-ac3CtWzSRyvwkRRnoHBRwn1MCiqo9UZqlDXJP9V-aWZzl7QDCtYvkiNfoRjIqOOijys3BsjFRRuPnD-4AWLxIv0UXRNNb-if8byy9rnTf-eI9i7LddUg9ZiBDDPnsTA6GucvmbZV-jwoSYKO1hga3bNCcUTqFI1pabH1KA0r01_OoW3jby3x7Qs3THyca_XL1-orZDItGxKE7XlrOxR2wEfI8tpiBBwR7YkmmTPN9QBiz-QzZaHfz-yCfWZX6CqXIqVs0gEPkrjS7yuAs_87xCWEkGjWS4IqvLjdzG_yjjFMZrLw5s0moYwhYsr5JY1CmtmTkItcIQMnPBp48nwGX8OKO59nXj6_fHX1CNwQvhA68dRIXQ-R0XVg7OzCyeqh4cW6TdVVVL-rHp29iDGqFO8UjPvo8NI9mz1EgwkBOU7Sjdk8Wwv4FmqiHz004UxJXdavxumotucaZKHMyOcBFjm0ade2BeFzrt_1aHY6OCJOgWJRPOL6xolrNT0O4mMbR7kIl43KvezrfK_6YLPGT24V54jcr7JkaaBdF8tsTlCyik_qgzOxVgPZl_Air8SWStZynjcxdTq2nWwfdguefSr-MnQ_QF7HA46mS7cN2WkbOLwW9Q0SuCynKOVeCOXy6IWN4S15Rcwu5t1BvkELEGtf89BQU2d7x4IH_U8-KYQF8G68YF9BzMevQGMM05wHofbNcsj1yorSlrnN_tRkVH-zWlR5ggDIaxI0kykcA4zfw-o0K_xBYIoZqcmmUaE_8STApCZJ1tPlV0rlOugRCkn2xgfh79hk9NQYvcZ8eqMuyrIn_Pfe5xA_fKqg0DuuvLGy2UmeaLwPlfb7IVYUXp5UdWmfnUkE6lZBAZczXJpJnSPxLQK7yrSFjYDOnLFMNzyNOuU0Osh4qxY6XdnMXJ0lL3SPoGPCsyCvKomUiwPktqSizbZG_0j5s_4x6Du6Y0pKoMqGuLEs9VyX9kJDWrCfXOjHgNrAS_LIWuzmRdEKBU5wMQxgtjrFKBu7-eOsUTuKNo6hpZjfqvjSCKOgcCrAO1CC1DpTnIqLIcpP2uhAWfcdC648cloZ_ZYcd9QNu0MoTFjus6bLc04jC4GwgRJB6rcFCN5YZJojvAZip5urKJZZVz0GUJCcd6-_JrpvRFrb5-AYDser7Nm65dUMwUm1-oBjvJW8VV3upb7hOHEXocN4gavSR2cIfH2DT_DS2HiiHsQxPCotCOG8XL6n538pCdoHUdctYBzvQYBhKWZ2qXvMSR5HbHk4qBXB_eEjBVqadouBEcJFKTXX252VvAzRF2yBMC-JJ2uCVDrCKawFRDcmFXYSkyfL0UdaEJ08rVIJcunqXktqMBzGnYbdMTmV9M3_u44StvrpAY_K3zqSZiwfT86O9krqpY0PcqGrFcFWNY_7SKlKu8PdmnqmswdtqXanhy3EiRKHsqKenvAC5_PYJA8GGdrDElr_M2QEiuW554uvC4ddHftzR3tYhm5h7uFN2Gzbr5YF8h2gjVfrmP9-czrH8d18nedBiigm8zg9AmfUc5cnIyRZbpPZBlLlcLA8sljCZfRl1MCda4qRpvjctxALgMXoyEFPwa9gGEmXYpjZm_lin02a16q-AK6GqsxEJEGNmesKd_yq0kTOfL1L_Pb5Ermvtt9EV5RDMvRwU2GuSS3tN6lRwm4_IRM8NWy5eAwcbz2PsntoKXe7y8lka4BQ22qME6teOtnpV0wwdydPSrDBHksd2J7Ho-HqEE5V7Qc4UhdlZyl4gl6DWziEm1zyQqxuhrp57_55dllNNmR7mSLPBvudJdXMYXvOSA1ZfD0sKcJ_JbZy-lzfcRPxow5YrnsDfWm3gYN6CZDe4Id1bwpGTfntFPF0ueDfth3miB_S8SGbJz_qvIODZj9PYgFmoGXsGObkjsul1TXpGnU7_kJv98QXIc4z1V44U-v4yw2aYSZOa0Tztt5okPL6kTNgPd_8ivdMSyHp_abDr72ZaWNawyI8obakzM9ECPP8Jlg2x0yujTFPopdnHdqkd2NmKj2aeL_ODUNozJuztThNYsCKKIwstH14GPFEnzWCGfppBkugrODTCB9PHNulLOU60m-r0YS3_gZiGNCnlVpVoHbiZ5fb3saYDOiuibBJpO3B02gEZKxI3wXR1qbcz2NiRtzxoibVw-YEIB1uN5r_iFymF2QfiqKtiLALJBzDJ0UGLWmlEIT9uK0TwwgjSY1ZTuR4omocdDsHRcoVC0SS0WUkiYnFDBHlvV4t9Xv40shr2VVs6W9mHlf6wgHYWNZ8c3mXbHrdaB5h2gQShGjD3fUf_4-U2-zefmCp6pKCM43w1VMt7yvdKIRdeNQF8ZzqxGipPPvEilEqFoHxzpMlpXzWs4bQY3XSCttc11rQViCFtcPdfGkViurqh0yQ6C_HROmhVMNZoA0o-alr_HHCiXgg7sK6Bz03MNd-q5GByHpE1XAMvpVFea6GpBcjjba1LdEdocZuYaW_jBkfYs27eF1rMwdLzBIrNFYGhx2B4tvv0S3r9Ahg7Oc5tA5nl63bdHyFF2z1cOf3rClCK76nTt4q08Nmvz38mla84lvYqSjcWWnoS9-7oEmbqsKtTrJz47SEXccE6kP3UuToOUISe7FER3H9yX2roHm4_ML5DBkN4xrVCIqOp57WIttfswAMhmDeToHiEpbvWOWY295QMrIx2r_rd0ZlRVn-yUYUX-Y1YEe5-VnCh7GGES-KiDaLu6NuPlPk16rAZ8amKmzWyzr3gjHt6Q-qO_y8c04pUWy8UNxhIqx-inmcCNmrZvZBPozyc5w0phEXVPWtA9z4E0fp9Y6AXDRLCUexwnLRrNs707sAN6BFckO_A0JBWbdoJPtGTa3dpj8yJF7rucUz_-TDCbgOeLops425VYBGyA7RRQANGv6WBKzehA5MGffaoq_EkVYUlNPTxMVCZwCHksQZVJYp69zIpPg7j8yox6-f1JHqRXM7NGOpHmo1NJEVaDol_zpM1vE6Df8yHUtqMJmwKtd3FxYZ1ypI-ZALaBNF2uIzAWBJBgyRIIFP66wuvZ7UpR3uZ3WsVFqcsUivq8Aib1MbWdA3m36HE7UjyoOLLPbib4qbr5Lv73ti_HIytYXqr2DqzupMjhJKNJ8FJSsiErjYd5WONg&cid=CAQSPADq26N9AjkX7A_Vq4dEZZL7i_0ITE172PsWN-74kmwf9u_2voEO7a33qmnPTYiSJVgbNQz6bnt-sobbiRgBIBM&rfl=1%2Chttps%253A%252F%252Fntdeals.net%252F%240
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
173e8a1cf97328cccad8380a0373ea46dfc9a3682abf24f933cca60625bb1545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35022
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 75CD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A6MILc889DAcgPDwsECtO0jYwH86M0eiC5pF5jj5lwOlwoAnNuaxZOsAg-twbcLg_OW9W6I-9jspazM5di7ZCOpzD7GgXBcovuePHwdPmRr9mrImI
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 75CD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 19:28:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 75CD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 19:28:19 GMT
l
www.google.com/ads/measurement/ Frame 75CD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaPxF-9-tMhRDB_SvW_QevL4Qk3fOTVg8RYSQiWnso0PRd9J5dcPXsyPpUoNzPfUl41YxP_1fS9rlFsrO-ivfL5mCQlA
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 75CD 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:36:56 GMT
usync.html
eus.rubiconproject.com/ Frame 07A1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Jan 2023 20:36:56 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 12 Jan 2023 20:36:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
cdb
bidder.criteo.com/ 		18 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=35176539174&lsavail=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.196.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-196-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ntdeals.net
Date
Thu, 12 Jan 2023 20:36:56 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.196.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-196-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ntdeals.net
Date
Thu, 12 Jan 2023 20:36:56 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pb
ad.360yield.com/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.173.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-173-16.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:56 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ 		19 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:56 GMT
AN-X-Request-Uuid
a51369d7-77f1-4962-b5d9-e57835a6db22
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ntdeals.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&CanonicalUrl=https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
1f32d417c62c6dcd776b270d952ce1db3e12f1a68bb26bc6e50f41849ce7a91e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
162
content-length
180
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b02405345d4d6ed6bc3400930529a1b54e55ec641695bef1eb661ef509d80fd

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Thu, 12 Jan 2023 20:36:56 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 1002-63748c3a3b26ed111bd0ed87-1, Process Seats Booster. unable to get the seat booster engine for organization: 1090
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7888afeaf9ddecea-YUL
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		268 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=15&alt_size_ids=2%2C13%2C14%2C16%2C55%2C57&gdpr=0&rp_schain=1.0,1!venatus.com,62fa2ce38cf5ca48e4df7c8c,1,,,&eid_pubcid.org=f5c11dc8-ab37-4c3e-9244-c827f62552ba%5E1&rf=https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw&tk_flint=pbjs_lite_v7.17.0&x_source.tid=c42cc2ea-fc48-4301-8182-84562eaf7221&l_pb_bid_id=619570e264f1be3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08828380187784068
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
35b6e8c8e4b89536df8fed1101aca642736dd3d06a9ae062b42773c7bb50f5f6

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ntdeals.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
268
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
arj
venatusmedia-d.openx.net/w/1.0/ 		174 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c42cc2ea-fc48-4301-8182-84562eaf7221%2Cc42cc2ea-fc48-4301-8182-84562eaf7221%2Cc42cc2ea-fc48-4301-8182-84562eaf7221%2Cc42cc2ea-fc48-4301-8182-84562eaf7221&nocache=1673555816152&gdpr=0&pubcid=8744d4fc-bc08-47e0-af0b-34269f1236a0&schain=1.0%2C1!venatus.com%2C62fa2ce38cf5ca48e4df7c8c%2C1%2C%2C%2C&aus=970x250%2C336x280%2C970x90%2C300x250%2C728x90%2C250x250%2C200x200%7C970x250%2C336x280%2C970x90%2C300x250%2C728x90%2C250x250%2C200x200%7C970x250%2C336x280%2C970x90%2C300x250%2C728x90%2C250x250%2C200x200%7C970x250%2C336x280%2C970x90%2C300x250%2C728x90%2C250x250%2C200x200&divids=1002-63748c3a3b26ed111bd0ed87-1%2C1002-63748c3a3b26ed111bd0ed87-1%2C1002-63748c3a3b26ed111bd0ed87-1%2C1002-63748c3a3b26ed111bd0ed87-1&aucs=%2C%2C%2C&auid=539871857%2C539871861%2C539871862%2C539871863
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e342a1098ee58e3a90450252944873223e31164cf523a118970837d28ea99caf

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ntdeals.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96907201777748ca014e23a617029f&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b7c2d9d533107b9af723f3eeacd75c1503c5bc25e567712b9a382dcbda112f96

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96956701777748ce2a4e20cfb002e0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
73a9abace04b299113616f5eb0e1922d3a32b16b22f86ad48da080107d8b6c53

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a969d4401777748c6904e2136d8029f&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a7a182a2889bcf2c0002baaca1ec079dce09ec19bd5c7800651a2e9d100b0632

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96907201777748ca014e42a12102a6&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
841b24b6c5244cac344b14f615297898a75e17e40ce9c6c882b0fed8f89c8798

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
content-length
62
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=171882&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2274b3429bd61e098%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw%22%2C%22tmax%22%3A2000%2C%22syncsPerBidder%22%3A8%2C%22adunitcode%22%3A%221002-63748c3a3b26ed111bd0ed87-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22753011c9643e92b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22c42cc2ea-fc48-4301-8182-84562eaf7221%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2262fa2ce38cf5ca48e4df7c8c%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f5c11dc8-ab37-4c3e-9244-c827f62552ba%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfdc131f824b1ae5d563ef8b06b7642d42c3607d213b74ad72033984889bc1b4

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WJXwX%2F2Krz9m9%2FwqVkdLBstXjHIISvK%2FyIFR9EkFGPl47LV3MRzcvujmzXFAbATLQGU8h9dCDkXfM6Ha8zPMEH66vOEnsR7K0aG0Gobms5%2FkMHnw2lWsEevd0etA7FDAaumSmjU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7888afeb1b73549d-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.96 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.96.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ntdeals.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
track_enc
track.venatusmedia.com/dual/ 		16 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.12.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-12-122.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:56 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
rum
dsum-sec.casalemedia.com/ Frame 36A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWh2wx9cR4OCtnQkNEYG2c&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWh2wx9cR4OCtnQkNEYG2c&google_cver=1&gdpr=0&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWh2wx9cR4OCtnQkNEYG2c&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMY04nZ2wEwAQ&v=APEucNU-Y5EzifdrFvt7fHOT5vkTXn9dAUHQGOp0InnlHzyyR4Yllk5j29FaHC-V6OdBXmMupfTUImBE9fACYyOs6Q-DnqxTGPmte9Od_63HHlh8YKcXako
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEAWh2wx9cR4OCtnQkNEYG2c&google_cver=1&gdpr=0&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 36A7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8BvaMNW0PM9kjBxTNi19gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWh2wx9cR4OCtnQkNEYG2c&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWh2wx9cR4OCtnQkNEYG2c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMY04nZ2wEwAQ&v=APEucNU-Y5EzifdrFvt7fHOT5vkTXn9dAUHQGOp0InnlHzyyR4Yllk5j29FaHC-V6OdBXmMupfTUImBE9fACYyOs6Q-DnqxTGPmte9Od_63HHlh8YKcXako
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAWh2wx9cR4OCtnQkNEYG2c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 36A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELThwXkhEupKC-A5ukppZ-M&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELThwXkhEupKC-A5ukppZ-M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMY04nZ2wEwAQ&v=APEucNU-Y5EzifdrFvt7fHOT5vkTXn9dAUHQGOp0InnlHzyyR4Yllk5j29FaHC-V6OdBXmMupfTUImBE9fACYyOs6Q-DnqxTGPmte9Od_63HHlh8YKcXako
Protocol
HTTP/1.1
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:56 GMT
AN-X-Request-Uuid
0c656ef6-5d98-4dc6-908e-6f1cdd041b77
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESELThwXkhEupKC-A5ukppZ-M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 36A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5NTYwMjQwODI2MTEwODAyNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5NTYwMjQwODI2MTEwODAyNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMY04nZ2wEwAQ&v=APEucNU-Y5EzifdrFvt7fHOT5vkTXn9dAUHQGOp0InnlHzyyR4Yllk5j29FaHC-V6OdBXmMupfTUImBE9fACYyOs6Q-DnqxTGPmte9Od_63HHlh8YKcXako
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 12 Jan 2023 20:36:56 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0d37b11f-4579-498e-913f-e5196966fede
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5NTYwMjQwODI2MTEwODAyNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 75CD 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Origin
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 04:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Jan 2023 04:28:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 75CD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/omrhp.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:15:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
26507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 13:15:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 75CD 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 08:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
41830
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10849
x-xss-protection
0
server
cafe
etag
12554467027428251666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 08:59:46 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 75CD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 19:39:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 56BB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4117
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 19:28:19 GMT
etag
48472445140208031
expires
Fri, 13 Jan 2023 19:28:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 75CD 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecc4205eea74aa9c021f4372f0af1912e7e68e23ddef7febd7482e2c2e0afc47

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 07A1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
05f66b5cbf84f005f89ddf99a32286c928708ea38f6135c0d38552b6b79ac0d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 20:36:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Jan 2023 18:50:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80055
Connection
keep-alive
Content-Length
10036
Expires
Fri, 13 Jan 2023 18:51:11 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EF36 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
3438
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 19:39:38 GMT
expires
Fri, 12 Jan 2024 19:39:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
prg.smartadserver.com/prebid/ 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.96 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.96.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ntdeals.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
c
prebid.a-mo.net/a/ 		584 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
6a3117beda6f7e887ba00469f0cbf5c88e6458e41d005d952d8dd61027e00912

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
129
content-length
300
arj
venatusmedia-d.openx.net/w/1.0/ 		173 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5ccb06dc-91b1-4723-8147-a2607504b2cf&nocache=1673555816355&gdpr=0&pubcid=8744d4fc-bc08-47e0-af0b-34269f1236a0&schain=1.0%2C1!venatus.com%2C62fa2ce38cf5ca48e4df7c8c%2C1%2C%2C%2C&aus=160x600&divids=1003-63748bc93b26ed111bd0ed81-1&aucs=&auid=539871855
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f4980b4465c10e41a375ace342bdf82c91d73faaa7029c71c279fc188cd85ef6

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ntdeals.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=9&gdpr=0&rp_schain=1.0,1!venatus.com,62fa2ce38cf5ca48e4df7c8c,1,,,&eid_pubcid.org=f5c11dc8-ab37-4c3e-9244-c827f62552ba%5E1&rf=https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw&tk_flint=pbjs_lite_v7.17.0&x_source.tid=5ccb06dc-91b1-4723-8147-a2607504b2cf&l_pb_bid_id=88ba4e3ef7c8959&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8154133764471341
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8f13db4b215835beb56fcab22b7d6e02abca56a62e517d6fb50d3f8109cba376

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ntdeals.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
239
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:56 GMT
AN-X-Request-Uuid
c3187229-8821-4c20-844a-ed1fa3fcdad0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ntdeals.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=95620506236&lsavail=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/ 		946 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56bb5a6395b01de09987789f3cfb48d3856cf8644cbf692a03a4c32aa1fa4afd

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Thu, 12 Jan 2023 20:36:56 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1090
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7888afec4bc3ecea-YUL
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=171882&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22958a1cab6ef8db7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw%22%2C%22tmax%22%3A2000%2C%22syncsPerBidder%22%3A8%2C%22adunitcode%22%3A%221003-63748bc93b26ed111bd0ed81-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2296d1af6aa779eaa%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%225ccb06dc-91b1-4723-8147-a2607504b2cf%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2262fa2ce38cf5ca48e4df7c8c%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f5c11dc8-ab37-4c3e-9244-c827f62552ba%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d505857e80401c2e790dc37f248010d6d560939d1266a4ab25c8da4d6c9551e

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKa42M0yp%2FLeTZjh9zAoyoOrt5nG56a2hIDp0hBIl0KVMKuKZLyR0u%2BYz4JN3vG0fFf7f%2BB2fOuc0mq3cYQPRcJPcRCcx9qXBKXGp%2Bgfs%2BsuofK0sr36ixwyKHlVqXxPB2S9DwiR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7888afec59a4a20a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
72b7d742e499d199463ae370ed7092eb1c077d6f5964a7eef556a129bb2794e8

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
pb
ad.360yield.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.173.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-173-16.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:56 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a969d4401777748c6904e246dff02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8b6bdf3366476afdbfd97ac77bb8f60502816fda17eaf8db7fb13f425a10403a

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
content-length
62
CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
s0.2mdn.net/sadbundle/4800917182785519616/ Frame B4F1 		73 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4800917182785519616/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e077f07d43b0caf46c77e7dce73aca2622f703b6df907ec9086b781fae587cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
107661
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18725
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 14:42:35 GMT
expires
Thu, 11 Jan 2024 14:42:35 GMT
last-modified
Tue, 06 Dec 2022 15:41:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 75CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjxLsh1ti8aQy4DqJo9J7VnNIEoJEKy1OSbPNTRa6YmFpgo_AWpMGd8VXbEcdAEPuKuUZZ_NrB0FpJbrbXjSREKg2FMkyp4ev19RT8M6eXcjjqe3_SJDKktuq1XZb3XHoAjdOhYYgJcfQC4p1uEwOT-DELolNHgT4cNmNMifoAitx4u7kyHzyPcz2RctTzSfQUZZw8OEwJXSptrbSswacZTX2bH-6zrMS0Q5sBnuQZO4oVQIOhgIJVir4Npn7vK32XVoE1USwo9-ga9mhQ2LtFtXla3MZ4pQ14pc-tEqJH3GrzvRabjhQnX8sKGYF7uBZFPN4jHpfKjTM863trLdGu8RLIGYLZ6lUQCn2inmLVARaB52AdUnnMOqpwJiPxnSybhuSv9bVvZyeAKjVhjnCAhu8hPVrDYJ8nLa-s0fh0pI6F7Ks_Xj6_A8LBlwHgyindqg6JnJDmRC65YLC3uSidNF1LLC2DEfjgLIfR7n6gSDehCSnoqkgqXeTHIaqy0Icx3N4U_9cYitqbfB69JZyTsIgBcXPumWXnJrVw0bRVG8JD7n2044AForxB7qou5F8iF1_arqoS7aUQNEEMloW3vwMmO9hbQc5M8vBv80spfV8k3PplD06IFY_BGgY1tcpfLrzgwK6DhQBWGXfEPqQUXcf2xWJ4zDZdCDzYqGIjW9jGrIDgcyQFxooRRalG_hp4DP0pytkcrEvYuEXyYDUQidLOkp3T1wEUxNHr8KsPeKfzEuaKBnCpUcBu6NtaW_F7ZcAuAA2hMV6OBvWfsRCtPwy4m1f7s2V-k2qU-FV8ymIFOcD8TWVd0Hno8LPvsN4vr00i4Ul_L-QSjAFdmposUQIA_jx2elktjbUsCmZnr5lNnwb83tOeflyri4AjP_GQTgiNtghkvHeLZpxQn9QQaJiVVPpUE4ivDIjesMGTFVOW6lfqD_s767nnjQIMN2WMdo2MtGUs-eQr7KnOhpc18gCrBmKvPnsQ4VodSfyh5LGWsVb2a_cURa_sNB5KAjT7p26PqDNEcdQ90oiLzy8e3uif84_JMer3-xZu_VXqZfTVzLvvt86cfWSzCNxdTbL9LhpBJagEUFuTQCRi0791LqGM_fpfX0NGmG5q7jIKFWX97yuyzGl2QTbhdRrKNL3Ey1i-R5zT9P9sxYv0-sjqSV-yANA8P7ey4FwYDs4V5RUZvODRMbfzQuETt4cDUb2TKMNRzhjJlgD-qX20viHSxyB0iI2O-e6FYoUs9uuMODMYIsFtQbOcamq9PgoojDTGha0y3aRawBF1YgsVxhi7EoURxj5dzkhgnueevJgOwEqwADN-Ow4o9DcXGw&sai=AMfl-YSpMhhHlehqbW_vAD9hKg_HDXw98ob-ypMZviOl4R3PLC-cVuYnZPUI27F5Myr6YPC5nabvcIb8RkL931VM6of_wYHOdEtoHa4SsX5yc1N4slKkhGgyCnyhZoDHpc2WY9xv9TXrFmZ5T7AbNYvUVreNJRmXquj6fa2Ru40TzIyMxpofrDPcgJ5asPutIvX9ctQMTeA6uujna6VGrVrxkz0inEcDvch4b-UmMSI2Vs4ncogFxxI_WRgG3lEuMK9Ne0pxCv4RNxMI3g&sig=Cg0ArKJSzPJDVmsHeRjWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=180&cbvp=1&cstd=174&cisv=r20230111.41562&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 12 Jan 2023 20:36:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 12 Jan 2023 20:36:56 GMT
pixel
cm.g.doubleclick.net/ Frame 56BB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPTNqyvhybr5tQFqareJwU4&google_cver=1&google_push=AavPq0PplMDZ4HVTFzLD5h0ziz-5sjU80m5QmuYCQZu4bAyCkPVnVbiRWeJkx2T_mySp-gOoVIB17yxE1uc7IhsL8BnF...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PplMDZ4HVTFzLD5h0ziz-5sjU80m5QmuYCQZu4bAyCkPVnVbiRWeJkx2T_mySp-gOoVIB17yxE1uc7IhsL8BnFK8h9WpgTOg&google_hm=9wPpSA7oSBiXvaeNq8SWCQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PplMDZ4HVTFzLD5h0ziz-5sjU80m5QmuYCQZu4bAyCkPVnVbiRWeJkx2T_mySp-gOoVIB17yxE1uc7IhsL8BnFK8h9WpgTOg&google_hm=9wPpSA7oSBiXvaeNq8SWCQ==
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PplMDZ4HVTFzLD5h0ziz-5sjU80m5QmuYCQZu4bAyCkPVnVbiRWeJkx2T_mySp-gOoVIB17yxE1uc7IhsL8BnFK8h9WpgTOg&google_hm=9wPpSA7oSBiXvaeNq8SWCQ==
Date
Thu, 12 Jan 2023 20:36:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 56BB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKvYRiNHcVgkRZWQ1S64_I4&google_cver=1&google_push=AavPq0OOyidCNDqOrvOfrbbqGEaHcATgfBOzLUN15rkAffFcJSlcvbI8Y82D2xcxvamHVAYs5lnuaBekORdXfkqWwveFoeJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OOyidCNDqOrvOfrbbqGEaHcATgfBOzLUN15rkAffFcJSlcvbI8Y82D2xcxvamHVAYs5lnuaBekORdXfkqWwveFoeJv9h9CTQ&google_hm=eS1FSW1hdlNSRTJwRVRo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OOyidCNDqOrvOfrbbqGEaHcATgfBOzLUN15rkAffFcJSlcvbI8Y82D2xcxvamHVAYs5lnuaBekORdXfkqWwveFoeJv9h9CTQ&google_hm=eS1FSW1hdlNSRTJwRVRoNHpsa3htbDl2cjhHMTU3T3NrTH5B
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 12 Jan 2023 20:36:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OOyidCNDqOrvOfrbbqGEaHcATgfBOzLUN15rkAffFcJSlcvbI8Y82D2xcxvamHVAYs5lnuaBekORdXfkqWwveFoeJv9h9CTQ&google_hm=eS1FSW1hdlNSRTJwRVRoNHpsa3htbDl2cjhHMTU3T3NrTH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 56BB
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEO8vxOQg0q1ZYu_HrsosrJs&google_cver=1&google_push=AavPq0M4AYCoVDVDUemStYxw00_S-jPBM1RGsilUWVoj7wcgpTcIPnpg8vj219IKY1O93hV1oSD2nIo_XYul_Vrdp6...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTgxNzM0NzEzNDYzMzQ4NjI0NDc&google_push=AavPq0M4AYCoVDVDUemStYxw00_S-jPBM1RGsilUWVoj7wcgpTcIPnpg8vj219IKY1O93hV1oSD2nIo_XYul_Vrdp6DA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTgxNzM0NzEzNDYzMzQ4NjI0NDc&google_push=AavPq0M4AYCoVDVDUemStYxw00_S-jPBM1RGsilUWVoj7wcgpTcIPnpg8vj219IKY1O93hV1oSD2nIo_XYul_Vrdp6DA9GUPVqOygg
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTgxNzM0NzEzNDYzMzQ4NjI0NDc&google_push=AavPq0M4AYCoVDVDUemStYxw00_S-jPBM1RGsilUWVoj7wcgpTcIPnpg8vj219IKY1O93hV1oSD2nIo_XYul_Vrdp6DA9GUPVqOygg
Date
Thu, 12 Jan 2023 20:36:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 56BB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBiA1kwlQAvDCSVSmAK7hY4&google_cver=1&google_push=AavPq0MbyCPOmvhamPG_d987pXhfG0Mg130baKFGzmFdmhPn7DPsjGdlOZ7Gb1978AAsILRTTNp06_DIJ08t...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MbyCPOmvhamPG_d987pXhfG0Mg130baKFGzmFdmhPn7DPsjGdlOZ7Gb1978AAsILRTTNp06_DIJ08tUYkwI-ocmCxdQEoshw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MbyCPOmvhamPG_d987pXhfG0Mg130baKFGzmFdmhPn7DPsjGdlOZ7Gb1978AAsILRTTNp06_DIJ08tUYkwI-ocmCxdQEoshw
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MbyCPOmvhamPG_d987pXhfG0Mg130baKFGzmFdmhPn7DPsjGdlOZ7Gb1978AAsILRTTNp06_DIJ08tUYkwI-ocmCxdQEoshw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 56BB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
  • https://sync.targeting.unrulymedia.com/csync/RX-8671c17f-0d43-41af-b210-58f9931566cd-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MfrBi5HbVYQw3fPkKph...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MfrBi5HbVYQw3fPkKphCgIZDlE39MbjN1vRaKjXbe_P3V6CEybit_IRazTawfgcrRPaobKT178tTd1ipxOExjVaNpTJe4IdQ&google_hm=BYZxwX8NQ0GvshBY-ZMVZs0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MfrBi5HbVYQw3fPkKphCgIZDlE39MbjN1vRaKjXbe_P3V6CEybit_IRazTawfgcrRPaobKT178tTd1ipxOExjVaNpTJe4IdQ&google_hm=BYZxwX8NQ0GvshBY-ZMVZs0
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 12 Jan 2023 20:36:56 GMT
Server
Tengine
ETag
RX8671c17f0d4341afb21058f9931566cd005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MfrBi5HbVYQw3fPkKphCgIZDlE39MbjN1vRaKjXbe_P3V6CEybit_IRazTawfgcrRPaobKT178tTd1ipxOExjVaNpTJe4IdQ&google_hm=BYZxwX8NQ0GvshBY-ZMVZs0
Content-Type
text/html
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 56BB
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJFsf1RlrEcF-uZH8K0-qFA&google_cver=1&google_push=AavPq0MY-1ZpxHMzp0PCufI1u6upR2Z6-0v4ApSuqpYeSpRo7fax3JeCqe7rw9WJR0...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AavPq0MY-1ZpxHMzp0PCufI1u6upR2Z6-0v4ApSuqpYeSpRo7fax3JeCqe7rw9WJR0_xAUfBdJUAftLURBN_E5YxMHEH8S0M2Kse40I&google_hm=...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AavPq0MY-1ZpxHMzp0PCufI1u6upR2Z6-0v4ApSuqpYeSpRo7fax3JeCqe7rw9WJR0_xAUfBdJUAftLURBN_E5YxMHEH8S0M2Kse40I&google_hm=UzreBbHMTBS2AM1oiISqOLQ
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:55 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AavPq0MY-1ZpxHMzp0PCufI1u6upR2Z6-0v4ApSuqpYeSpRo7fax3JeCqe7rw9WJR0_xAUfBdJUAftLURBN_E5YxMHEH8S0M2Kse40I&google_hm=UzreBbHMTBS2AM1oiISqOLQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 56BB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBiA1kwlQAvDCSVSmAK7hY4&google_cver=1&google_push=AavPq0MQWAdspETivRMs_xrubhw_CEqkvK8PEUdtLroxBXxGyAbW-58M-yH3SCk-NQUPRb_5t99hhcLwT6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MQWAdspETivRMs_xrubhw_CEqkvK8PEUdtLroxBXxGyAbW-58M-yH3SCk-NQUPRb_5t99hhcLwT6D_d4QpOUbcUEAGQMavHQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 56BB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkFMEdd2W8Y7jMxnGCh0e73kA3DTdEj9vgofWbgt_QBPtQEvG7X-_C1fKiAcejWBZQy-UwHMw
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ Frame 83B2 		95 B
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/png
date
Thu, 12 Jan 2023 20:36:56 GMT
server
nginx/1.14.2
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D910 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7039023683759476
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63c61eb0827bf543a36e91a065822e9037160c953f3674e37448298eeb439151
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
Origin
https://ntdeals.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49482
x-xss-protection
0
server
cafe
etag
10828303333426720735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 20:36:56 GMT
css
fonts.googleapis.com/ Frame B4F1 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4800917182785519616/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
515563c93d8f56d0cb8e18cb4a1ee55aca2543f8f78822d96f479ca7f8c991f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 19:16:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Jan 2023 20:36:56 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame B4F1 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4800917182785519616/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4800917182785519616/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 15:32:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Jan 2023 15:32:05 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=171882&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2210459bcbc270e827%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw%22%2C%22tmax%22%3A2000%2C%22syncsPerBidder%22%3A8%2C%22adunitcode%22%3A%221004-63748bc93b26ed111bd0ed81-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22105a3d5a5eee268%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22a9f15e84-41a2-4f50-9bd7-eb0b8c89ed9c%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2262fa2ce38cf5ca48e4df7c8c%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f5c11dc8-ab37-4c3e-9244-c827f62552ba%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2037b9380a5c4b49f85975e21ef6bf60ea773bb6cf0df8a6a8dd5ff58bf112e2

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEJI9hMQzhygogAlQHwYGlQ%2FKtul2ej%2FfihsD7xZiA4zTCKbGeo3ea7bIdIQrULO6WfbsReKJf5zfg5y0OtgSA7Idd9oHl9zGE%2FtZOsZhWDDTtc8nLYe7AzPNwjeh%2BLRFFpa5fxR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7888afed5ba4a20a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=75647160109&lsavail=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a969d4401777748c6904e246dff02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ec4323cc1965b37380d512f16d28517d7ab36294ea87b5129ff9dc75197fda4a

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ntdeals.net
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=9&gdpr=0&rp_schain=1.0,1!venatus.com,62fa2ce38cf5ca48e4df7c8c,1,,,&eid_pubcid.org=f5c11dc8-ab37-4c3e-9244-c827f62552ba%5E1&rf=https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw&tk_flint=pbjs_lite_v7.17.0&x_source.tid=a9f15e84-41a2-4f50-9bd7-eb0b8c89ed9c&l_pb_bid_id=11335a90a59bf0b1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5404297499383401
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b695d3cf843aa069b53f43ab5dc721943da2a366884af11a6ff1899d48e027c3

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ntdeals.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
239
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
v1
prg.smartadserver.com/prebid/ 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.96 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.96.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ntdeals.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:56 GMT
AN-X-Request-Uuid
93f10cfd-6c8c-4951-9e0d-15a775709966
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ntdeals.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ 		933 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d59eb87bfbf978be8572a1c8cc7cf017645bf6538fece8c0760c690e1245ee35

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Thu, 12 Jan 2023 20:36:56 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1090
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7888afed7d21ecea-YUL
expires
0
arj
venatusmedia-d.openx.net/w/1.0/ 		173 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fntdeals.net%2Fus-store%2Ftag%2Fnsfw&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a9f15e84-41a2-4f50-9bd7-eb0b8c89ed9c&nocache=1673555816537&gdpr=0&pubcid=8744d4fc-bc08-47e0-af0b-34269f1236a0&schain=1.0%2C1!venatus.com%2C62fa2ce38cf5ca48e4df7c8c%2C1%2C%2C%2C&aus=160x600&divids=1004-63748bc93b26ed111bd0ed81-1&aucs=&auid=539871855
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c87f34a185844c98fb99d6d2eac5a0248c0fcc38c956ed3508ae047cb190678a

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ntdeals.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
pb
ad.360yield.com/ 		0
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.173.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-173-16.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:56 GMT
access-control-allow-credentials
true
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame EF36 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 19:28:28 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=ntdeals.net
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ntdeals.net
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2214960316387150&correlator=1047630500012778&eid=31071091%2C31071522%2C31071524%2C21065724%2C31071351&output=ldjh&gdfp_req=1&vrg=2023010501&ptt=17&impl=fifs&gdpr=0&tfua=0&tfcd=0&iu_parts=21726375739%3A21621083319%2CVM_62fa2f488cf5ca48e4df7c8e&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=4&adks=3442578752&didk=3352097020&sfv=1-0-40&prev_scp=hb_pb%3D0.02%26hb_adid%3D63748bc93b26ed111bd0ed81-1003%26hb_iv%3D1%26sv%3D1%26re_ve%3Dfadd46ec-v7.17.0_fo%26pg_ld_id%3D2a0b3c99321b2641e63d54cf2d0e3c46%26mo%3Dscan%26ac_id%3D62fa2ce38cf5ca48e4df7c8c%26si_id%3D62fa2f488cf5ca48e4df7c8e%26pl_id%3D63748bc93b26ed111bd0ed81%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-22%252010%253A30%253A10%26ta_si%3D160x600%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D62e1e331b0218a1f14096bca0079fa68%26st_ty%3Dvert%26bf_br%3D17100000%26af_im%3D17100000&eri=1&sc=1&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&abxe=1&dt=1673555816578&lmt=1673555816&dlt=1673555813785&idt=1208&adxs=33&adys=110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&ga_vid=1472796446.1673555814&ga_sid=1673555815&ga_hid=1191119096&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a78bab0d488df72eca38980f3e77ea4e55ba40860b93213971a3326fc8c45a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track_enc
track.venatusmedia.com/dual/ 		16 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.12.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-12-122.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:56 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
setuid
u.4dex.io/
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=f2198175-84ea-4119-999d-278ab29b1f63
0
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=f2198175-84ea-4119-999d-278ab29b1f63
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=f2198175-84ea-4119-999d-278ab29b1f63
access-control-allow-origin
*
date
Thu, 12 Jan 2023 20:36:56 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.112124000267917
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-7F3d3_u2xxHq_HToOOPFPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-7F3d3_u2xxHq_HToOOPFPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.2334871573353587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-hGoH6FMvBtSpcv_n-8sztQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-hGoH6FMvBtSpcv_n-8sztQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/ Frame D910 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05e73c7efaa3e6a78deb12fe359186cbed511d8df4c247f1a81cdcecd874edb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119968
x-xss-protection
0
server
cafe
etag
4445080444952913768
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 20:36:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/ Frame 6D3F 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
28627
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 12:39:49 GMT
etag
10353107486223812946
expires
Thu, 26 Jan 2023 12:39:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame B4F1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 13:30:18 GMT
x-content-type-options
nosniff
age
198398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 13:30:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B4F1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 10:24:38 GMT
x-content-type-options
nosniff
age
555138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jan 2024 10:24:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B4F1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 19:32:04 GMT
x-content-type-options
nosniff
age
90292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 19:32:04 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&uid=6795602408261108026
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=appnexus&uid=6795602408261108026
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Date
Thu, 12 Jan 2023 20:36:56 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
232c95b6-da7c-4f0a-ab92-935122762357
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u.4dex.io/setuid?bidder=appnexus&uid=6795602408261108026
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AGSKWxV_YIeABTH2tDhvc1ODq5Sslt5yvcPU9FPbaRuDdNFp6Cf4PckEfEq080x7fHjmsUA8_qwIgv5NijNfwPmveA__CB9bNprhARXzUOhynOo9x-KuZAbfwdVYksLW-_qnrpcCNaB1Tg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV_YIeABTH2tDhvc1ODq5Sslt5yvcPU9FPbaRuDdNFp6Cf4PckEfEq080x7fHjmsUA8_qwIgv5NijNfwPmveA__CB9bNprhARXzUOhynOo9x-KuZAbfwdVYksLW-_qnrpcCNaB1Tg==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XJzT0P7UxX2WLBkH7aW8Cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XJzT0P7UxX2WLBkH7aW8Cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ntdeals.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023010501&jk=2214960316387150&bg=!jI-lj8vNAAYDMoyoIzI7ACkAdvg8WpxbEstm8DdmdrUES0MhkN5IkRvQX88JjKdcOHbhlv9alRUVUgIAAAG7UgAAAANoAQcKAEdB7dc0U1gJwIIioRztZzmFqPEj_VDuj-65Vg6_pvOjZI7P4nV8sQPhmCri5wKF99ojfOBd0BZtcab5on1X80fCa6IFFY6jsJkCoMRipJ_BrVPaaxfAMKd3oWAiJ0Qys_-REHMUCRzRPiodBulWNWyzYdLR2vV98WpOWcj-xfOU_WtHeGKCdcF4cEXQcVh-S0ym7wstF9VoZkyuB7m0SK-U-bPI-SZQzpUv7B5KpV1LKPF_29T-sMf7W4PRMVEPLHBJmundy_4lEjKebO7RA6IUwoaGvLRhmrE4H68epcao3LYZZDjDcD0CWP6rW7o0fzt7eu6lThVubFBnM1gQNmlfNo8QaIL9aGq5LPQj8JC10sGljFSdK_78hfjvsle8KoOGfgw7knHyM-ym5ZTQxBn9FjnGKaRM9ZySMyvJ_klmwoKtyEFVwpQUlm1uFaI4fA6-2q5i0gVVh7UuXzQW7qpSFLv4K0lr4zeCqt39HwpiAVB6rwXwfp_OuQ4LIllF_OJJ3YY8eypH8XuaN_jegr90mLYEIk5-i1leZ67IGhtHwJ6OYkJkT37LePrJP0OEqZPNWjwccmgGj6BcHMpGCJk-O61nmibGdJIoRSOOPnTW9HOI9g6jj6wq2_HD03DK5EaMGJeBgxGIXRJ5mkAsOHJEzagcSRuoEQSD4wKyc9YhzHkuyYnvPYEjYmIduzc2VWBvjPU-KKCcyCeQgcIaqOJATGrmhMLXT8qy4yT2ODrgd5FIC5pwVAJ5UmhK_KsxFZFmvfJbAyvUETOrseTPEA4xCzXhUUkbKm8k8wpDEkNW5iafLKUmwQ9O_aHuIyE4wSXtWTplaNrBOHlK6h0VduS-b5E_0GdweEIjxIUTiGhmw0dn0gNsnDvkZxFMZtmnNWL9LwhHgF5LCZsGpGgoHdN7eyW62Cr0enS1TMcgs01psJXXFhiXFpftZLZoVTUXXgAIbeT33vznshagFuMan5ZdcDoQpGM7piCYmw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=ntdeals.net
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ntdeals.net
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2214960316387150&correlator=1996317444164297&eid=31071091%2C31071522%2C31071524%2C21065724%2C31071351&output=ldjh&gdfp_req=1&vrg=2023010501&ptt=17&impl=fifs&gdpr=0&tfua=0&tfcd=0&iu_parts=21726375739%3A21621083319%2CVM_62fa2f488cf5ca48e4df7c8e&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=5&adks=3442578759&didk=3352097021&sfv=1-0-40&prev_scp=hb_pb%3D0.01%26hb_adid%3D63748bc93b26ed111bd0ed81-1004%26hb_iv%3D1%26sv%3D1%26re_ve%3Dfadd46ec-v7.17.0_fo%26pg_ld_id%3D2a0b3c99321b2641e63d54cf2d0e3c46%26mo%3Dscan%26ac_id%3D62fa2ce38cf5ca48e4df7c8c%26si_id%3D62fa2f488cf5ca48e4df7c8e%26pl_id%3D63748bc93b26ed111bd0ed81%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-12-22%252010%253A30%253A10%26ta_si%3D160x600%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D62e1e331b0218a1f14096bca0079fa68%26st_ty%3Dvert%26bf_br%3D17100000%26af_im%3D17100000&eri=1&sc=1&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&abxe=1&dt=1673555816815&lmt=1673555816&dlt=1673555813785&idt=1208&adxs=1408&adys=110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&ga_vid=1472796446.1673555814&ga_sid=1673555815&ga_hid=1191119096&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22c50e078658d2d19f69fb706d03d2016a1499b020355f6b5e8005cc7ffd317b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9591
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
BeFunky-collage_36.jpg
s0.2mdn.net/sadbundle/4800917182785519616/ Frame B4F1 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4800917182785519616/BeFunky-collage_36.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4800917182785519616/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20409fb72442059ad0850842dc7de09efc04b1b225c7adc5ef6301f585ee7547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4800917182785519616/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 14:42:35 GMT
x-content-type-options
nosniff
age
107661
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94988
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:41:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 14:42:35 GMT
truncated
/ Frame B4F1 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame 75CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjxLsh1ti8aQy4DqJo9J7VnNIEoJEKy1OSbPNTRa6YmFpgo_AWpMGd8VXbEcdAEPuKuUZZ_NrB0FpJbrbXjSREKg2FMkyp4ev19RT8M6eXcjjqe3_SJDKktuq1XZb3XHoAjdOhYYgJcfQC4p1uEwOT-DELolNHgT4cNmNMifoAitx4u7kyHzyPcz2RctTzSfQUZZw8OEwJXSptrbSswacZTX2bH-6zrMS0Q5sBnuQZO4oVQIOhgIJVir4Npn7vK32XVoE1USwo9-ga9mhQ2LtFtXla3MZ4pQ14pc-tEqJH3GrzvRabjhQnX8sKGYF7uBZFPN4jHpfKjTM863trLdGu8RLIGYLZ6lUQCn2inmLVARaB52AdUnnMOqpwJiPxnSybhuSv9bVvZyeAKjVhjnCAhu8hPVrDYJ8nLa-s0fh0pI6F7Ks_Xj6_A8LBlwHgyindqg6JnJDmRC65YLC3uSidNF1LLC2DEfjgLIfR7n6gSDehCSnoqkgqXeTHIaqy0Icx3N4U_9cYitqbfB69JZyTsIgBcXPumWXnJrVw0bRVG8JD7n2044AForxB7qou5F8iF1_arqoS7aUQNEEMloW3vwMmO9hbQc5M8vBv80spfV8k3PplD06IFY_BGgY1tcpfLrzgwK6DhQBWGXfEPqQUXcf2xWJ4zDZdCDzYqGIjW9jGrIDgcyQFxooRRalG_hp4DP0pytkcrEvYuEXyYDUQidLOkp3T1wEUxNHr8KsPeKfzEuaKBnCpUcBu6NtaW_F7ZcAuAA2hMV6OBvWfsRCtPwy4m1f7s2V-k2qU-FV8ymIFOcD8TWVd0Hno8LPvsN4vr00i4Ul_L-QSjAFdmposUQIA_jx2elktjbUsCmZnr5lNnwb83tOeflyri4AjP_GQTgiNtghkvHeLZpxQn9QQaJiVVPpUE4ivDIjesMGTFVOW6lfqD_s767nnjQIMN2WMdo2MtGUs-eQr7KnOhpc18gCrBmKvPnsQ4VodSfyh5LGWsVb2a_cURa_sNB5KAjT7p26PqDNEcdQ90oiLzy8e3uif84_JMer3-xZu_VXqZfTVzLvvt86cfWSzCNxdTbL9LhpBJagEUFuTQCRi0791LqGM_fpfX0NGmG5q7jIKFWX97yuyzGl2QTbhdRrKNL3Ey1i-R5zT9P9sxYv0-sjqSV-yANA8P7ey4FwYDs4V5RUZvODRMbfzQuETt4cDUb2TKMNRzhjJlgD-qX20viHSxyB0iI2O-e6FYoUs9uuMODMYIsFtQbOcamq9PgoojDTGha0y3aRawBF1YgsVxhi7EoURxj5dzkhgnueevJgOwEqwADN-Ow4o9DcXGw&sai=AMfl-YSpMhhHlehqbW_vAD9hKg_HDXw98ob-ypMZviOl4R3PLC-cVuYnZPUI27F5Myr6YPC5nabvcIb8RkL931VM6of_wYHOdEtoHa4SsX5yc1N4slKkhGgyCnyhZoDHpc2WY9xv9TXrFmZ5T7AbNYvUVreNJRmXquj6fa2Ru40TzIyMxpofrDPcgJ5asPutIvX9ctQMTeA6uujna6VGrVrxkz0inEcDvch4b-UmMSI2Vs4ncogFxxI_WRgG3lEuMK9Ne0pxCv4RNxMI3g&sig=Cg0ArKJSzPJDVmsHeRjWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=713&vt=11&dtpt=533&dett=3&cstd=174&cisv=r20230111.41562&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 12 Jan 2023 20:36:56 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 75CD 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e5707941c0a5b7ec59a8e649930656f33ddc7dc3eef9dc00d3f08fce28ef93e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5773
x-xss-protection
0
setuid
u.4dex.io/ Frame 07A1
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LCTJX77B-4-86XX
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LCTJX77B-4-86XX
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LCTJX77B-4-86XX
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LCTJX77B-4-86XX
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
Expires
0
cookie.js
partner.googleadservices.com/gampad/ Frame D910 		215 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ntdeals.net&callback=_gfp_s_&client=ca-pub-7039023683759476&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&gpid_exp=1
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ca6f5ab9af057479d8c04887b3b072794f7d703b71c84251865bf830a08bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ Frame D910 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=ntdeals.net
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D910 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ntdeals.net
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D910 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top%20topbar%20navbar-tworows&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5134 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&adk=1812271804&adf=480832095&plat=2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=8&bdt=188&idt=232&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&nras=1&correlator=5406179457265&frm=23&ife=1&pv=2&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.gmvjlr53fio4&fsb=1&dtd=341
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b53a7c3682a61b7273e3f764633e527d5041cb33c4666707ab357d893226b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
3982
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A668 		98 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0210de380dad706e1ddfbdbcf166f83195874b9aec4ee9657aa1fa0133b4a991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
34665
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D910 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050103/show_ads_impl_fy2021.js?bust=31071383
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17edd6145b71440c1e5b39cf1f0cfba2ee4a51ca70b0292a29eedb352d202312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10896
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 75CD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:36:57 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=Y8BvaMNW0PM9kjBxTNi19gAADWoAAAAB
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=Y8BvaMNW0PM9kjBxTNi19gAADWoAAAAB
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ML8DmK06oUsPJLMHFBqwqaKhcvziU3tVx8Q7KfpLIt8JWys9daM7%2FjO1qPmPAw1PpE2zBe4S%2BLDdPVhLm423LfHaBgob20rdrhZ4Go17fnj7KqBMuZrscoY%2BGEyNBupTxgAAEL4HQLDvVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://u.4dex.io/setuid?bidder=indexexchange&uid=Y8BvaMNW0PM9kjBxTNi19gAADWoAAAAB
cache-control
no-cache
cf-ray
7888aff0daf13ffd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 07A1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBmN2FkOTQ5YjU5YTY0ZGZlMWVkMjU5ZGFmYTEzMjg3OGY0YzQ4Mg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBmN2FkOTQ5YjU5YTY0ZGZlMWVkMjU5ZGFmYTEzMjg3OGY0YzQ4Mg
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTBmN2FkOTQ5YjU5YTY0ZGZlMWVkMjU5ZGFmYTEzMjg3OGY0YzQ4Mg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 07A1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCTJX77B-4-86XX
0
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCTJX77B-4-86XX
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3159AFB615A84821AC31156ED8DC2625 Ref B: YTO01EDGE0713 Ref C: 2023-01-12T20:36:57Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXyFxQB5rbHAc5Z7FuqrQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCTJX77B-4-86XX
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 07A1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tyG2YpDZp4c2jPO6MoxrIQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WA1asf1E2oL6PmbvZujYYx2Aaz2EFmm0HWJ.UQ--~A
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WA1asf1E2oL6PmbvZujYYx2Aaz2EFmm0HWJ.UQ--~A
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 12 Jan 2023 20:36:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WA1asf1E2oL6PmbvZujYYx2Aaz2EFmm0HWJ.UQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 07A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECKLKGx_Ul4V3p5QU2Mv0aU&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECKLKGx_Ul4V3p5QU2Mv0aU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECKLKGx_Ul4V3p5QU2Mv0aU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 07A1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENUSlg3N0ItNC04NlhY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENUSlg3N0ItNC04NlhY
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENUSlg3N0ItNC04NlhY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 07A1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8VJ363GJWZ17Z08ERW0X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 07A1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UO25jztlQzOtLTjO08X_Rg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UO25jztlQzOtLTjO08X_Rg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UO25jztlQzOtLTjO08X_Rg
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AGZ6CKZ344R98JW4SN6V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UO25jztlQzOtLTjO08X_Rg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 07A1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=df436db8-3b49-465e-b940-8484da107c77&gdpr=0&gdpr_consent=&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=df436db8-3b49-465e-b940-8484da107c77&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=df436db8-3b49-465e-b940-8484da107c77&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF36 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGpDpaG_AY9erBuCQqMwPseqlsAkAAAAAOAHgBAI&bg=!g4ClgMTNAAYDMoyoIzI7ACkAdvg8Wo_A0oeR7jplB2jeXIY0j1Z8hSFDKZEJjoiXh6_sD9slQmovoAIAAAFmUgAAAANoAQeZAukT21gEnkxUqH0T3Lh4P_Fudlm4XQxyjzmuGzoGHFtT3AfdviIjfap2fhRTEJkntukJMgRxgBbM5nVQvbkcZMh1sWZsaqn7LVptW3mmMedMQ3VMjkoqM0mTD5v6mxF0d6lj08HtsxkiyR0hJS7_wkLPBTvpc7-huzJrK-aG9TP14P73bFy62j47zurrI32KYs98pcwMGJWUEU_DSOFWPvNDXGRPwTbB7Imcgo652LTD41DtGVQZw7DdO-d7wHyWBg5az2tYhCZRNY5JzJxoclqRVJVLqkTRtB83XcPdG7-b5kVn3GMWIDhQDckTK6xBW3iM-RwlYrceLbMHlVTqkyoNdUs38xgV22O-EHZMxWwdoRhqlDd9cLb-wprMIBbqRz5IXFfBvfhyVyVSbBH6ZO22ied5d-wHv8LGaNhYdfc5nhRcOjHqyomAhpsDLK-JwL2u0Y0BtmXxnbMnUOTqJ68XW2MIJffLqPVJmzvr1cr9bV73eLV7_YHf7qDHD_BGoF6owx8IEI6y9HYI1eXPQW24DK-fVbFmuxCfemL5azF0jhEqmt9kBZW35sXVtz3jpf2LPWjVeBKF7SgxSrGCFFio5nX62wqdD_IgQHzBk3Rr-NUuAE1QZIEKUlNRsvcooJ50ngtOZ05R--mooWzsAQm1kzWkz4MxZy9sLMmvgcNl9o_oXFDiYhEkSSOuQt1D6FypUrtt1jAh1vTUDFyBVfWoTBVFeFCMYAV-TdMEKEtXzPl8r2qtMO6umEVZXrlP2gc15z3O_pqnGKcvZbGXbLDlFyFGITHnDrDmNSHGg7GAZfg4aUWyd8o2voiE-3XAxAToxmKvCBh-GRKd319A7B9xSCWQBKvGmS3IQD1sGrYewnodYzVlL0zY5IQ-BVpAnkL4weot2lPr75HfSuU6rd9v3q9ZFZf95nbKWo55Z9B061kOE6j103liOCP9Iha0CGLHlt_MZkeg1w9OW_tEowG3IUmHUK2brizB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0B63 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
Fri, 12 Jan 2024 20:36:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D910 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:36:57 GMT
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 5223 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 19:28:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D1CE 		668 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVpREBN-lArzRcRRhthDOzTIO1s7Alq1tb5MrNdpiyVrX23D4WVKs7ZVnGDe46EJyrpNGGAZzT6NM4S67-q5W38g2PWVyQ-e2EkaUVNArBRUYF5Y70
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
246
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0B63 		84 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJk7Hsgb03vM7qOwt-SuhwSFDOPWs7FfsND9ZlvQbEaRbMDcB6Q-9jUfppTGgApnNLKgNrpFyGJBt38axeS5Qylcbvgw&cry=1&dbm_d=AKAmf-DyziksVF6VUDAs1mjLztYO3RszuiPxMm5fQ4Rmomz5Kb0Eltgk1h34LpbYtp8u6qoxZWolZ6V-_q4VoYUwDM-Ds3pAP6NnCN3C7EGOn5mRuJTc21RTEihrPKe9XluZi9mLZA2HtH8S3x5vrRxrtXUH7mZS33N6EwS0gfr4hPNJIHcpGiwCpNV_OU4LW2ZYL7VT-W30Qawkm9dgDhiN1AeNg12P-Hk2SKTWQ8ArNeHWZISu1cD-63LBILarUXlmg_aESsM4Drv98vwYsj-euoY3ay7DkCIh_2ZPP2wDJCiWL8HuvdIOi3WcTgWQDKBi8UCd84yEDOk4kjc6YLt4EdKuWHWoudt8ajIEClPvxf-EuTVNXlhl5yvkA6xsPKQH1IDIpkWp--LzpeIKgU9u2hFCVRNalvtXxrm5CkV8yjtQ_R_XJev0oXMUCnYvcZLuGPRHHDKnoQ0KTxL5mCxKBjbQeHMBnkT1I0qjsv4mCQJYhiBZjE6W8c23VMaluKh5qjcv69Ljs_Twdnq5Hp9M8y5ZkCb2TtCk1LZe8g4TY3eLPKyV7rJtuZLHPVG6M73CCM3Cqjcx6Gjs4E1BDSC_LsjLR7sTrD6bsHs6ERNu3rsKZkpzN0hrPIhuq1aCr31TiyARr4Md9BIARHmzQNKttJjrP6-ZjkFhtw5kpU9dYh1Xz8Fqqb5ydIE5UFqV3A7qjfi_KfCk0SyftFtL8nfkFfRxpf6QVquuKB9B9-5veT5fxPYkDEVGzZKnStSu2DaUECU69qe97npC6M8W6pTKb-keJ6wpnJNHRmIEE2v1gmaQ7o_w5wnLLTd8ERi3jo3SJ05TyuugGRWjYnuVipRor7x07K3gHG_iVjVe1cUvFCKXl4B01x7H5asodHpoXbqjhFraQdKv3FMLl8P9iXjLXvQVDkGeni78QsfWbjClWZothJOeC3pehTxmyt8O7C7TTZ4OOJJZml5Ts9HgX-wj9DeyNzPZUSSXr7rNYHkoiQXjTD-q5WP_VQjBd95G0dcA6373FtH5wvpotGgJx4CGf_4qFFZlstAIOKNsB3FhjecOIRmaXhGTH8CgftOOeJ80nDZHXip6DyALg9VBzx4mSabj8S3xzc8PnwS6vsFjJfOYt8LP-NDs6hhbTHWPN-zl3cEJdd5yo2Y-XP7xcKcuy9e5taNT9Q-ldLvqdSxGgseUHTw_m-1OA-TlsMSXu0pG2-Yay04K7PLTuEY3STWXZY-tlHegyF_ZF5fjv9zfXN65U8aWN69vDJACEjE8GXFPBwslr6CVNdZVxoPx1euxOAYVXLg2HRshOfVhF-sZ6gLnqC3TQwq1zOqxVpa9NWZbYH4MDooiaXWiiOqt3vBQIrVByhPCLc97wHMVjG_pAN8L_1IF73vKzQ80QZob7py3Faoklxch3DOQ0fACbwbtWWAEcQx6S15cELcsKu3mpvHd63NP4xvl2JKtjjQDWNPWeqcHG-x6mTODu1-Nf27YJbUAj_1hVdKRPXCUR4bVLNeyRqe_mZ7bXWO7ucSf4DLgI6R7ZurhSk3D_cO0r9kRpp3cXAffAEBLr_nRd821-aSQD8lLUIlGjomZYfr4OOnH0kMPMBO82kDb6qVRdlvgV_X3M4uGgxO99kWVsPgdHQjNNsp89c4m8fWxFWszavoBNE1k6GnZQykw6JoyZSxCjidVTKqiUKS0gvit5Y8zRxGPBMHwoAssy5zoFg5lrwgAK-EGTqryvbXU9re1rqgX3AYZFiPFxnf8T6OcHozTvC3LlTWPwsopEavIyUVe6fIJQ9atHfiWxPDAuUbBKIZ-vV0ET9Ys7IfejKdaay1qzHkG-2TVHHKGj6fCCvAot38kSFb3Zt6gg-YR3PGLiuZrJCpJtA-VRU3qv_wlN5w6tSmrtlD3aYMHDByco9aQHf-HYQRRqIwhr3Y5-pi3WYaRzZwohbNSXV6vuEKqmdCGAM2Rc2RA4kbPkOMKv4nrmnS5IQ4W_nbl0uvJysWrh7Te4LlQ2LGAO1cT1GPdf7S_sHQhpimiFOQqdTsIdrcd2EhH-7wdCcIjWMWju6CXek1pWipoF_Y8UqBqGXsQ2j46nfE_SUBXvBRCa575tYDp-URHrkWro0ms6cswEMM7JwIks_YL7HdHRb6sfgF2NU-ehGshnamAEcnjbdVAU1oh2_e5LJ_iIgLXcFeev9PqeI6lAfiSDsmP3TIC18DeXktDAWdQuQcuzMSJPI_no_TUZf2EnZtjQk64KaAYFcPNUBVxIDedwNWF7Rc7_PljF6DT9IQieVXSNbLeUkDen3eppl-G5puHQWe8hTR5RR_yvA5OW23pscyuLu03EhxH_E7I53enDmp5U2eZAZ667v3tgGJ6QkI5PyBSgOteyU_RupMpoNxlxRjOuPu4bYQBLtrC-xdc5AHgMuahsbi4tqymlsvE0kW6Qz7zHsiV2t_XRGRHxkGkKd0R9LHWuML8H1Vf8KkM2zfkHzkNWZmBlYI2lP00AwvH1nCXjC2706KQ4wWFjNpoocQppx_zk_bxJDWsesmoOMTbKQQpCkthP8E6I3YwMx3EPNc3ZD4sCoixGwHgWhhe9UeAaNC6DztC4WnSeXFyHstqQiNdY6fvgG0wAAS_BPSEoq0s_MI5foA4W45yT9Z8zVF21Rr41nQokK5ezyatKgHu_jtGlWHMz5QPZf3lqMdkK2hRjvRJIw3CM3Nq-ao-lVbUJC1YhBakAc38QIMps82zkhEFL5ajZ4kcmPXgMI4Q6s_xD81fwTHFk8Z2vUI2xs7Y9Nym4fw8nr_3_MaxvwghNaGKLtDO4IbXk4iWhGuSkVXBZQnKKjqP8ezKcE1RB8apggeccjJDVDRlKchVrrxdviwHacqpzeMgqJ-QmKm6chGH2oIevn2bOwCBsrbahs05z7TmtELtK1_4RWmxZrblvG88oCn-GRBjDDmrTT3zL4EAg98BY6rdWjyVDky9NtfeMWxNBsdSMoI0J5TZaGGPYwySPNDrakQRVKMTboL2YaA7RmuW4boD-6f721GkHLsp9jHVRdA_6C-Sa2YNqppZbL_3mp0iqRYc8LMGdB6R_U80SHeueqdBWv4COMScJaM6tg8_9Yvdke7BYa_gB8j93p1jZP5pHtFKJGJZJO1ev9sHY-dZYxVOhVoe-IcN2GDf7XlL2Hk0a_TZx2RQFhX6hTQHxI7LbyPZ0rI_dfTHDIhahLTlK7E3YlunIxlwpowOoxzeglChpj_gsGM_lnzEa9Gdj5GNt7vOl4DpmssVUo6znQ1JcJzRaS6poIrVntq3GeJDFC9nKZAwve7cZ6LDg_fqVFPd6X3_J-FqXL_KHApbwGDMF9dtYr1JAH277XQDnDh2Wdvke-R4FD9nvv_TSyW-RpD4RnpK4Mn_e-zsWac6Escm_G7MdaiHeNMlwPedLcc3RLP8B13vaTkjUC4jB-30815CsI63MjtFkDgKuCAs4zjBLkSw6LhF93aWjU7Gdw&cid=CAQSOwDq26N9_ISE-XBmNhtFTDyjLripvtYpMILflgHvTQDAHcX1sqmlPWw9zi0RUQBGqp5w_qxGyvfHwc8VGAEgEw&rfl=1%2Chttps%253A%252F%252Fntdeals.net%252F%240
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc1c9325899865cac362ceb3ef94a9f849a084151bcd5ee8e7a61c6f7a15b4b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35628
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B63 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BrVs9Gmk0B01kvdbFqN6MuwD7agNcx_27jFknaDGeBpaMwfHB5MxSRg_qiUSqbd4o3_r7lHsjX7j6ZVbBXlVbA0l5233vCqd-PWzJHriS4BVoQx9U
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 0B63 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 19:28:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 0B63 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 19:28:19 GMT
l
www.google.com/ads/measurement/ Frame 0B63 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxT4Z89URrGTX270CKXgcyD3iSktzec_X1ud_O1zrShkXfl-Q1bs70ByFslLV1eEXVhIA4TAQHDOJokYwcsJrFOis9aw
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B63 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:36:57 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame EB8F 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
container.html
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE9D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:55 GMT
expires
Fri, 12 Jan 2024 20:36:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C9A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
4098
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 19:28:39 GMT
expires
Fri, 12 Jan 2024 19:28:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2A92 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb56debcdc7328352e7009a0f29997211392e3ce4d344b49e184fc3b878b308d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pLYTXJFt-FYJEZj_GxfB0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-pLYTXJFt-FYJEZj_GxfB0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:57 GMT
expires
Thu, 12 Jan 2023 20:36:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sd
us-u.openx.net/w/1.0/ Frame D1CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVpREBN-lArzRcRRhthDOzTIO1s7Alq1tb5MrNdpiyVrX23D4WVKs7ZVnGDe46EJyrpNGGAZzT6NM4S67-q5W38g2PWVyQ-e2EkaUVNArBRUYF5Y70
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D1CE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzg4NzM4NmYtZGNmOC0yNmIzLWUwM2QtYTY3NzMxZDdjYjNk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzg4NzM4NmYtZGNmOC0yNmIzLWUwM2QtYTY3NzMxZDdjYjNk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVpREBN-lArzRcRRhthDOzTIO1s7Alq1tb5MrNdpiyVrX23D4WVKs7ZVnGDe46EJyrpNGGAZzT6NM4S67-q5W38g2PWVyQ-e2EkaUVNArBRUYF5Y70
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzg4NzM4NmYtZGNmOC0yNmIzLWUwM2QtYTY3NzMxZDdjYjNk
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame D1CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEKtclj5-89DLA3VZ1ARJVFw&google_cver=1&gdpr=0
23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEKtclj5-89DLA3VZ1ARJVFw&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVpREBN-lArzRcRRhthDOzTIO1s7Alq1tb5MrNdpiyVrX23D4WVKs7ZVnGDe46EJyrpNGGAZzT6NM4S67-q5W38g2PWVyQ-e2EkaUVNArBRUYF5Y70
Protocol
H2
Server
96.7.65.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-7-65-215.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Thu, 12 Jan 2023 20:36:57 GMT
pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEKtclj5-89DLA3VZ1ARJVFw&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D1CE
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjJlNDE1YTMtNTIyOC00MzMyLWFhZDEtYThhMDMzNWQyY2Y3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjJlNDE1YTMtNTIyOC00MzMyLWFhZDEtYThhMDMzNWQyY2Y3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVpREBN-lArzRcRRhthDOzTIO1s7Alq1tb5MrNdpiyVrX23D4WVKs7ZVnGDe46EJyrpNGGAZzT6NM4S67-q5W38g2PWVyQ-e2EkaUVNArBRUYF5Y70
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjJlNDE1YTMtNTIyOC00MzMyLWFhZDEtYThhMDMzNWQyY2Y3
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 12 Jan 2023 20:36:57 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 75CD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5_MmZJvOUqlFHSIBmekeb-caZDKZRmluMrqMKoqeuxrM8yMIVzbrZ7EvEYpz8JgyUMJea6iBGCe7dF75d5prUhO8-stzVyaUyz9kFEB9AXZM6tlj0vSaRGxZUG8AN9x-v4Go&sai=AMfl-YRzVXoeUpmOmvVgaRbcP81Z-QulJnd7BZVpHpkiOiRYDiUeHl8FUkuiEA5CkKDIBvr8PM4JZYhiJVbZcrJ_mQCwRlIr9O4ucrJbVg1yoj9zZ83vscPUS9llspaqHv8&sig=Cg0ArKJSzLiRum6TxX7PEAE&cid=CAQSPADq26N9AjkX7A_Vq4dEZZL7i_0ITE172PsWN-74kmwf9u_2voEO7a33qmnPTYiSJVgbNQz6bnt-sobbiRgBIBM&id=lidar2&mcvt=1065&p=1036,315,1286,1285&mtos=0,0,1065,1065,1065&tos=0,0,1065,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=0.66&if=1&vu=1&app=0&itpl=20&adk=296857841&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673555815883&rpt=407&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0B63 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Origin
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26508
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Jan 2023 13:15:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 0B63 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/omrhp.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:15:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
26508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 13:15:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 0B63 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 08:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
41831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10849
x-xss-protection
0
server
cafe
etag
12554467027428251666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 08:59:46 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 64B3 		503 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVbqwNdfxLSC4gtipOmWLexLJiO3zTFR8YF00SHSUB_wRjm_AZ5_lmO4I29cH-xsX-ThXrACdBVKMXi69DBKqgGRdnUFYss_KnrTHL2H-xRdIkIi_E
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
198
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame DE9D 		84 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxcLNgGa80VIkYVFPSr07F9ZTrH7FxQjJOMK3iPQEwIo-qkts6209LEHuIiJMHstveEwcCfGliET0aWm2rh2y8svLTNw&cry=1&dbm_d=AKAmf-Bg9ad7Uj87A0P-AjtKnYjAISwvfxijILwuaY_PiXmGKD60muUjjpFilJ5uG5zYuU5ki6hc3z-yivtUQULlez7w3aEzhkLXrRQRDXdzrQLBZ2zH3Aa_RpVVUwQqSwQKWhltKMbVDcY1hVSt41Yjm56YNDK58IJJt19WgMJH4zdCNAYpn-J21g20A7BzhrR8bYbzRD121AFDg-ytExfeANO4FB4Y2eh3vdoDUp1Ro4glqDjVDE0OjfAMXgocrQaQtuXwCDI9bdMS3N3zdB9RcHSX603VO8yJjhXuMBbrpciA_uA0XGRCJ5KhI8Oa3pF-W3NAJSvr6zJVVzGtOqybjeWwQ9cVOt_lgPGPdWWC4mIGQI6-OgMGFV_WdtD6brFznvzKu6SMUniB9Z9GDEqw3pnLumtJGndWk5fnOTn9o_gbktBIPkzdMZ-D_oP9Yge8acWEAaE6xmj4OLJ5kj4UCoujD7Nd5-oOPsudTM2LAsbR-zcl8k95WcfnGVV7P3xmNYUK4oYWiWKjRdj7GfPzdQNR0_Yq__ljceloEshYbq7u0bi9qbCuKDUS3cYXPR7n_Hb8FYwcimfQOmBb-GJSOOZWzJBoSFgXA_Xiq8KZucE2XuNGzMj1w78Mx7DaU2-t4eYx6ImJboDFOz6hlZmI7rvG-Gh_UO229YW21ggPEXnKregF2MSITxdDBY5y1A6KO4QWXmkRYdNhiLc7LT6r1FJiQUMO4YpKnJj1Q-dlG1uWUVjfrY5jEwdrA-XZw_bGdVK5GoVTPvWqRI1MylMDWV443Jj_jG5JZeum6cq4xCJD2SEALcCCiKU6qdGoY942yQXiBNZQXNW8Qvbl42HHqG_UzVH5CmHAPLl1MvJ5shZevRJ3Pv2GlDjqlHih0gUQrfb52wK_SxznLZsKtTJ2aXOZv-rK8LNZoBXRicBUDQdwvZa12ULRQtlJ5m7gKpvHBmHUoXDZ6y4KuHYqTaLXOcxe24vtcGi5JmmDXiYWShHWE8KoO_pdtKmZvkZHfA4ItgrDJgdRoyOahmz1FJRCCl-YHatTEwIUcxc3_G70sTLXg_uenHKkQ4CiD1VzPrAA-v5LGgvpu8ccqjNMtaUEz6pzpx0lzZsRSHvtfX3vLWh6tEiVZabw7EcVIRPaZ3jV5Af4oilTQyNB271MHWwW97AMqPn6MctbnG4m-22aLL3_mtQ_2zNNfFDaYBeNPadcPZvmL9io-28zKyiPXpgxUuObUTsybcWv9IlaoyFnieTCacRYKHaXajDVVV-TY2wA3DbDPnEhBqrTmbfIlehjwRM6UxCSQ1xCtFT1vkjMg1arYiIUPip7DbNXLMyrDqt0kcbd7OIGwxcseMIFuJ5BgquTQoOL0pdaam-5tPLGwHqBKOOOtWp8vYJOyclOK2pBr4PqeIVGPEipCC_-q3b03TZn2uf_ehLFugvtmzS3ULNq-KWlxa-tpkIuMWuFdc_RV5-Kds3RP8gH9hiE95L51huNLbEJ9S6kbnL9SPmgSdoxmgDdxElxuQVHoCEKugmVIUX_5otwch7pRDF1dtBdqKtX7gGOVAKioHaoFG6e_xYi9Z39oXskI_tpIWQzWlVjU-JliDNx8P5yJjUFJC3yy_1xvEd7iVhLR5KjMaw8P-INdORBvbEA6VP7rnOvikY_lntlLcMBJt7-7Vc6m8CIoIVC5BvSUWleAeYlidm26pwMUivjDQyqyG0Oe-UNtHa3xBU93xAfiy6tmII1Ckp65g_RRZQZd-7qr9-zp9CC26wQ4eKGVGWxua35WpT2JAJlUWuxDe2xQnLJjlEQd1XqUNjnfwlgUu5z2tjci1yifK5Id3YuWIxM4z6-rZf7_ltTuhDBcj4pRO8jaDh-cxFZWXVMwwjKAA4g7GO0wGHRRD1XoCHlQgwaWAy8EeAmW9zJT3CvrmfC6AB7u6GflWCADzflJUIsjItRgc6WKSr1nK7AmzP0VjR277tJLbmrQoz-3xA3rkb8xDLq1BqKK03ZX6yH81okvbSbrrXAEBFZJsw5brVW-Aeuv8i8FfPgp4DzGUBgUjZxGV4MN1hww3ORNmHyCnkBKdgYhzyw478XG5P7IBOOVSWdB-5ny9szZL1inE4kUZXpQDtVqau9qL--jFfJHh_c-mAUnrqSg_E-BWIqiqfghz9PvPtUnR8850Q4_XbGeODazu0q7JEkpSnpGATEADt0tg3wNgFw0pOL_jtfsaZrWAU-Rj8tZWJxvF-0jlGbzRaWQlwt8XXgcrv5aZyRNhhtKX3s7KG1HvrxGamW7i5HoqeNZ9U8NJKis8dSurWVw3SjzRaNJrc4Za9s6J21kV-r3us0AnMPRkwE9464E8YUoX7Zk_tSFYXhloEDCIsNuNukuvUPbLNK762NGesYY3w9Uc6KvNwJLsd6N_FUG1swZCCu51UnWyDTA9i51F1MLgMrwujYuK1JKi6W7illwLeKRoe4L4bGxjrgfc28OaHvPlbFjEfrZBPJ2Hi36DQqgO-sGlk5Q7lwTSOd8U_5NeBNpGP0yyTWSAwWAEEC4G7ku0jgYHfCRFl3Kbzk8NhYwQn7B9j4Gsd_g8w7I6MMhuueDbBjnzzFheJqjdiwsske2WAWlXuQw2E3vWHO4IJDt1g97N_TYKGu_jQzIPjTlDLD9vHyjl401zbvZVCadsKosvgXzbW72rqSBIWpuBPe30AgdY_YQ_uz3RQIW5hneILmeAou43eZ7ssLLWjCLP0Z-FBtdIPBf5bVn5BNnReiPShpfuC0Qx_HOiCqMdloAZWybkM9XdKdsJ-BCoXtC27n4XEBm__4IqbV5GNMZFxwpr-CFIK7JYC5ZzhOWN-JWyT0HV1jLi2Pt31IKBt4S1RXi1kj2IizlqfL0hCpqNRoopGayDLSuRfcW8D6TnLDFeWUtF7S6_LedOmMKL3wPxcMQ8ap3y9vBnjFRUz2yl3gUjBfDZ6KUUeLopctJXyF6vbb5CeLyvxVa2f2ZqNecpbX4-vxfAXBWRIYimL7XJDDuqhebnF-OoMxLxi_2FXpOOhDYD0-RAlNt1zfjYMt67RXl32CmfJih-lRjyDIFwv64N-7e8DRaOTS_AVlryjnsEGfzFEVD-gL5psWcpfyQTIuq4xE2F6u9qawPauB8I7TDhjZSmtGHPFLSWZ7CMHcKfnbbCkSI1A5tymavDgEw-CSCPf64oEKtPy4cHCAt698vlGMQNgK8qy8MX3PYxWpXMLwk521mUvF_Gdt5O29Wx-RCl233gyyjQ6HSMyMSO0wZ81wRgOWVQ5MsA89v6E9hUu-GCK9NEA1zNcGeG2MHl2dcx3u7YmEypvnTaAHTjQoWSQn_3_mLNvsQOvpkK5D2YP104Lv3ETGeww6DX65f3rNeN_99zPsIo03WbTQCtn7NncbOCVN0WXxNPAz8rLYUUHu0-Si6jOn1AqBYR1bMioT3LB10E3KqOvWSLJii1mDbKtSF79TBzFSZ0aRFsMxsSLE7w&cid=CAQSOwDq26N9BOOzKQl9rrDpDJOPkldUb16wnN8lOX1eEcSFr3P5JJ7rqwN7mctRI4T-2bD7NT-rA8Kknd5BGAEgEw&rfl=1%2Chttps%253A%252F%252Fntdeals.net%252F%240
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35c610c18037de87d1f2ff6bb3776d51d684a598ab6e5a5df5d74f15f68dc702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35538
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE9D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CEnAysYGfdMkKbaL0ZWvo-spaviefUjWQEgkavOEqrOllSlufF813lV6YfrMtn2a3r__wssBIbJOQkIFQh4RIPFTgiiC0s3MQTvQmpNIYaYaXQUKw
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame DE9D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 19:28:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame DE9D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 19:28:19 GMT
l
www.google.com/ads/measurement/ Frame DE9D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLXwjkBI1xozlPCKdSaFemLUwWWGk8T9PugXffb_wEcNIi-sXqBO7CwjH1cafVc1F7gbcOO6TQaEvhQnOBwDQ7hk7Hdw
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE9D 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:36:57 GMT
css
fonts.googleapis.com/ Frame A668 		8 KB
991 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 20:05:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Jan 2023 20:36:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame A668 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 19:28:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame A668 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8889
x-xss-protection
0
server
cafe
etag
3049769697470197148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 19:28:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame A668 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 19:28:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame A668 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 19:28:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A668 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:36:57 GMT
1507d5c23d710c2e70b81f354fbf7065.js
www.gstatic.com/mysidia/ Frame A668 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 20:40:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 01:26:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 11 Apr 2023 20:40:22 GMT
setuid
u.4dex.io/ Frame CF81
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=bc65ac468bfc90e6260132832a3bc684&name=ADAGIO&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dadyoulike%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=adyoulike&uid=3237481a8a9fd40481c4dbde12a4a54d
0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=adyoulike&uid=3237481a8a9fd40481c4dbde12a4a54d
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 12 Jan 2023 20:36:57 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 Jan 2023 20:36:57 GMT
expires
0
location
https://u.4dex.io/setuid?bidder=adyoulike&uid=3237481a8a9fd40481c4dbde12a4a54d
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
12
adview
googleads.g.doubleclick.net/pagead/ Frame A668 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C2NPzaW_AY8v4AdKDrr4PwaeckArIpqbGYoHY3vadDZjevO2KDhABIMPrkSBg_eiigfADoAHt6pDOA8gBCakCxtrxx_gNsj6oAwHIA8sEqgSLAk_QYx3HLtSgsX6PiZOfli0vL5zNVXD-ha8U8AvcbkhaYgIwsTasG74t1lyBsKmE1yeBTWmtu3T405codVQG-Dq9tw2MKGW5TGaGGIFyloIzIi-qQg9cDC9frmZriflPBR-PSJgKqHb4xgh5SUi8MP0jpYaTPXt-crqVM7IYjLGEJ_Zd0CZKA5z0pSEQ2dYS9_t-8GoVy08ZYlBTWin0HxkhVZZHnNaAP8iC_mNYVLXOdWYAJyoS66xHb0XUP7hRsfb9p_YeOcQL5EYtcXzNc02s4Oyi7FZ6kCWGver7lZh7rExk-Wy5MJBuT-J00LsvObEwsNv-Q-BfselITlgdCldVcWf96ziJGsAdOcAE6YTcqbkDkgUECAQYAZIFBAgFGASgBi6AB_uU7zGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDpXtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTC4gUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MDM5MDIzNjgzNzU5NDc2GAA&sigh=tDqOaxOUsEg&uach_m=[UACH]&cid=CAQSOwDq26N9xFIPMPLnw5w3U_CuIU4qZVsHdGQXpiTYQBCXdfY4j7QPf4iS_87nD3rGD877jQHp66Q4x9W6GAEgEw&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 12 Jan 2023 20:36:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sync
partners.tremorhub.com/ Frame 64B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
  • https://partners.tremorhub.com/sync?UIGL=CAESEEBcO8-6fH2me3mlPAwpdTo&google_cver=1&gdpr=0
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEEBcO8-6fH2me3mlPAwpdTo&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVbqwNdfxLSC4gtipOmWLexLJiO3zTFR8YF00SHSUB_wRjm_AZ5_lmO4I29cH-xsX-ThXrACdBVKMXi69DBKqgGRdnUFYss_KnrTHL2H-xRdIkIi_E
Protocol
H2
Server
2600:1f18:612b:4264:e300:4af3:2fab:c142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 12 Jan 2023 20:36:57 GMT
server
Apache-Coyote/1.1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEEBcO8-6fH2me3mlPAwpdTo&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
294
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 64B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEO7wxIIJOp3fB2yh6X7s3cw&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEO7wxIIJOp3fB2yh6X7s3cw&google_cver=1&__user_check__=1&sync_id=dbc0ca01-92b8-11ed-b439-154f9acf0303
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEO7wxIIJOp3fB2yh6X7s3cw&google_cver=1&__user_check__=1&sync_id=dbc0ca01-92b8-11ed-b439-154f9acf0303
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVbqwNdfxLSC4gtipOmWLexLJiO3zTFR8YF00SHSUB_wRjm_AZ5_lmO4I29cH-xsX-ThXrACdBVKMXi69DBKqgGRdnUFYss_KnrTHL2H-xRdIkIi_E
Protocol
H2
Server
192.35.249.138 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
389
content-length
43

Redirect headers

date
Thu, 12 Jan 2023 20:36:57 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
/partner?adv_id=7025&gdpr=0&uid=CAESEO7wxIIJOp3fB2yh6X7s3cw&google_cver=1&__user_check__=1&sync_id=dbc0ca01-92b8-11ed-b439-154f9acf0303
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
70
content-length
0
pixel
cm.g.doubleclick.net/ Frame 64B3
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGJjMGM5YTYtOTJiOC0xMWVkLWI0MzktMTU0ZjlhY2YwMzAz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGJjMGM5YTYtOTJiOC0xMWVkLWI0MzktMTU0ZjlhY2YwMzAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhD_hV8Yt97jpQEwAQ&v=APEucNVbqwNdfxLSC4gtipOmWLexLJiO3zTFR8YF00SHSUB_wRjm_AZ5_lmO4I29cH-xsX-ThXrACdBVKMXi69DBKqgGRdnUFYss_KnrTHL2H-xRdIkIi_E
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 12 Jan 2023 20:36:57 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGJjMGM5YTYtOTJiOC0xMWVkLWI0MzktMTU0ZjlhY2YwMzAz
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
581
content-length
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/720062488853965341/ Frame A668 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/720062488853965341/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
109c3c5bd310f3e4fb0c01c4bbd5510b241d7e0e4db27cbd8732744dbae777b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 02:35:33 GMT
x-content-type-options
nosniff
age
324084
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7434
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 14:13:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 09 Jan 2024 02:35:33 GMT
truncated
/ Frame A668 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A668 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&uid=6795602408261108026
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=appnexus&uid=6795602408261108026
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Date
Thu, 12 Jan 2023 20:36:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b841bdac-3301-40e3-8d20-fba9f3ee222f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u.4dex.io/setuid?bidder=appnexus&uid=6795602408261108026
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2A92 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=3405326288921262&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
firstevent
scotiabank.demdex.net/ Frame 0B63
Redirect Chain
  • https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3221102593
  • https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3221102593
42 B
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3221102593
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
54.187.41.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-41-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0a71483ba.edge-usw2.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tKnwhKSGSBg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-01bda8aba.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
XORf7hHYR2U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3221102593
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
index.html
s0.2mdn.net/sadbundle/2294254016198082560/ Frame C03B 		68 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6211618d5a40732adcffc6170ab268effcd23d2bdb52e4bb63f21beb0d502a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
527573
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
13463
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 18:04:04 GMT
expires
Sat, 06 Jan 2024 18:04:04 GMT
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0B63 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujQBHcI0PU8zS3RoREasjpgtjLCoeU_jzzuBo6OvjBkefgyp6eKmHxFuJalZvE68JcHK2n2_-UnLbs7H5yjEzZPDhyFG_Rcx0XcQ14mp9gSVLmi6vFkVKkwcztDys57Szi1bWGIBnsBPZNH0ZUL6ikHDt6_7zpPT68pB8f9-2WqSrbdhrcYKvDlg3ScTz2aTph1ta76ud7anjleyBo-HACAkKFAvWbbQc41zJi2ZsDUMn4BPGS-Ta0EvQDnKkxkmphE08jkmydIAuQAlpyMKNIxUrrJMw5uvy7MMUWcu4vOOAarLrKe1phjB4EqKvrKnlcS3u_U2w4KIyYUUhLD72qjofJzSm31TN16ClWadPvVX0L3_o1lJrngBQI4cceQrqeOzOJ1Sn_UiqWdOok4Ea4PBNnT0oWMAxvcPMQvm2nUyYCd3qaPVjDSxZ0cBSRbwMQEJRuYisfJGPVCG551IJb3woCOdPOXNV_9PZLNC5kuzQODRZE7kuJQkhyzoE_6YaTLCcNxwmPeMrNyvMkUR97nQy-xTWLbcA2dSpLlrOTIanvu5f6dYFYhont3VnyMNOnahiucMbL-hQtUQsoMK3tKBX_OnVcqDLEys2aKwYnpE3DmI3wcEubRuKcS-ZkwyXPe-Pxf2fI6IZTCQC9xcQokFFiZX1YEXv1NbiwUUmtGHpH_FWg5-YLVkf_dCniUSVhq_LmfpYl6TzV9DqjVBbJXJNz2_76vK2SxZiB8pKweSbEGg3MTmwlo6oG-ZhZpB4u4P6R7-Q97GNGgfgMcXyVsRBscfAFWTgxQlIsF6_AHqJfCiTndu-PDbqP08Fw2Fod-FqMChBicUe2NE7fWDqEpaDx1DKK5qInqi_2wx_A780YPuaChMEX5ND_bLfOQHPt2erN_BnsnZO2yfSsBk6J_0D_C7JkiWXcSmR3RuX05fZvPcGTTZI3ugB7oGiUh6sSgN6CariHIZTzbKjLjiwQI2odZu5NQ7C9TyKjB1XTYVfHeoF5KxvW-pzv9QBa2x3aKsbofhX61sNXgU2i8zBF7jF0Gblk-oVxLS8Xc_nHAauj9HZDxXYCyq2P6u2CY2BhKgm5iB-FVjJL84Uhi7IPTJVDABihzPMEtvMBZbijtD-VAquOkHbFSGRolK3shLL12tTgRnp40LTD7h8LC3J8yV7c_LlyY3JnMZzqtEMk-Drt0TDJkoti5GcD0WJyuslkqRNt-2Vz1jBw7LidYc_8uPr5rUB8KOd7ekVlHr1pwV0bU9zhWeDpypL9zh3Qtuf1hZm6U5OWtLljcav2cTmf9osy44_1B85bjPIHzStBb1eqbc7bhL1IlBvwvqKGhuQ3eAlaYZPu4ftE3KCU&sai=AMfl-YTgHtYvbaK4AFdeqiaGnmwxP0itZC_hhbAOfoRqJHhOCKtyMkl3og3F5hq4BVtxQSC3_m62PtFHfbHKQr0we1ImzU71jBl2nput8VUJDvAJelU37ZIHTye21YzzLKU3MLPKQkidIw7mFyr4TKIRPIZD6kwfWJVv2jZMyOb5aADythptp7NgXleuMyuucCmQe-qavVZi2PE61J3UzQmuk2lt9U7WjW3nRdNiWCv43KSH1eavswhVrEUVWrQkrZkdyJyUc79y25iecDp41YzQuHZHqsGRzbh1hQ&sig=Cg0ArKJSzJgN-eSXpFFDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=176&cisv=r20230111.10397&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 12 Jan 2023 20:36:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 12 Jan 2023 20:36:57 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame DE9D 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Origin
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26508
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Jan 2023 13:15:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame DE9D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/omrhp.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:15:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
26508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 13:15:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame DE9D 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 08:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
41831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10849
x-xss-protection
0
server
cafe
etag
12554467027428251666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Jan 2023 08:59:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F877 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 19:28:19 GMT
etag
48472445140208031
expires
Fri, 13 Jan 2023 19:28:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0B63 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 19:39:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E751 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 19:28:19 GMT
etag
48472445140208031
expires
Fri, 13 Jan 2023 19:28:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0B63 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ef52bed74b2945591eaff074cd13c678a6113e0a8ecdd16bdefd7e53c1e130

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A668 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9ab3e93e548faceb7ab2dff70324e77efa5ddc9fbb53eb9228710622c569f4c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
adframe.
fundingchoicesmessages.google.com/f/AGSKWxVlZC8_Nvdk5Yf3v3PFYPX5WQpuAKjNLy7m_9TVS9dvx5O80lY9PqOC0G8L5bWahhljc7B61aZa5L0NIfxSvDHffUR_8uKI04jyDce90oXYQrKkvzq1z91BPjPChywG-F4b465C9sOKFEqnsk8UVF38XZxk1... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVlZC8_Nvdk5Yf3v3PFYPX5WQpuAKjNLy7m_9TVS9dvx5O80lY9PqOC0G8L5bWahhljc7B61aZa5L0NIfxSvDHffUR_8uKI04jyDce90oXYQrKkvzq1z91BPjPChywG-F4b465C9sOKFEqnsk8UVF38XZxk17qJgUaphxvUgBYqqqRb2Ufnq0cpP8dz/__adserve/_index_ad._ad_desktop_/banner-ad-/adframe.
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7b542ebfbfecfcdb14d099c9c8375bcb62d787e71ce17a01624186f26fbae8b4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ru9oe8Vd7g0LOvXRaY2T5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-Ru9oe8Vd7g0LOvXRaY2T5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
227226d2d40b72e69e9603ca676ce7b8c7f4f83058bce4c4af126ba3eb8f6f4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
1661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12696
x-xss-protection
0
server
cafe
etag
14588972336428064492
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 21:09:16 GMT
AGSKWxV_YIeABTH2tDhvc1ODq5Sslt5yvcPU9FPbaRuDdNFp6Cf4PckEfEq080x7fHjmsUA8_qwIgv5NijNfwPmveA__CB9bNprhARXzUOhynOo9x-KuZAbfwdVYksLW-_qnrpcCNaB1Tg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV_YIeABTH2tDhvc1ODq5Sslt5yvcPU9FPbaRuDdNFp6Cf4PckEfEq080x7fHjmsUA8_qwIgv5NijNfwPmveA__CB9bNprhARXzUOhynOo9x-KuZAbfwdVYksLW-_qnrpcCNaB1Tg==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NWWe2qJhI3KFWdJpjb_iUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NWWe2qJhI3KFWdJpjb_iUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ntdeals.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 6C9A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 19:28:28 GMT
/
hde.tynt.com/deb/ Frame E481
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
3b909abe758405d5abfe5a01f2c319ce1ef4211d880559f0887df082942a425c

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1585
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A668 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 10:24:40 GMT
x-content-type-options
nosniff
age
555137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jan 2024 10:24:40 GMT
918e9e9e.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		1 KB
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/918e9e9e.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7274f4c74c548cbc43a3fce5f87631a43bd64b707186c559482a540977c995e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 17:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 17:56:07 GMT
f32c2a96.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		659 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/f32c2a96.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88bb62ab8413ef70017838e25737e466173fd27636bbd11c8b2520efb4267ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153655
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
389
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 01:56:02 GMT
9fe7b444.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		1 KB
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/9fe7b444.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd3562eba8add5cce59c21ef0307489522a7ee3a0dd63599b9b16a282d64664b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
632
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:36 GMT
b3bd7c74.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		2 KB
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/b3bd7c74.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40f65c5715750c282cf482388402578c9065b246418d441babbdaad1e39a7375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 14:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194900
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 14:28:37 GMT
05bbb152.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		1 KB
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/05bbb152.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07528a33d0d0685761da5e15d26b30b81be1dcf80a2be9fa87ecdeb559f14f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 11:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206702
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
627
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 11:11:55 GMT
efb85237.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		973 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/efb85237.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b88fc8ac7ea815602271a41080cb64b4bb8ac1a1bd984c24a66b70f4da060550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
569
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:36 GMT
19264423.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		1 KB
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/19264423.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1ca48c8a81c3cdfafc2cb276206ba1fe5fcf6a63636316ebbe3fb5a935e6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
596
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:36 GMT
ab43b44b.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		2 KB
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/ab43b44b.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
713c6acd109fd24ddfb7b285383b0e9e5cfdb4c8d0211561f25bb296fe8e3879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 09:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212899
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
778
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 09:28:38 GMT
847b3a6c.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		998 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/847b3a6c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9600e61184bf4d3e0953d492e8fceaaaada4055d8f49bb2e71ff88fec2f4ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172616
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 20:40:01 GMT
6e422d5f.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/6e422d5f.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56f9e28b8826b4592b202454ecf0fcac10f8bf6d5335de79102ede607cfef5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527612
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59143
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
36de504e.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/36de504e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11571f3fd51e4adbad516043297c9eeade058cb48dc211e744f13baad27ff93d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:05 GMT
x-content-type-options
nosniff
age
527572
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1804
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:05 GMT
a26a6b4d.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/a26a6b4d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
461d3765135aab9f963807e46541b58a3c4b8e8a9111c036f70d63a8c4a30fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527612
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3364
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
42f7d6a2.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		176 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/42f7d6a2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae85ada9cfd84fe4c669b94404ed6209e989e4f68945db57c1e2820c33a18c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 21:31:07 GMT
x-content-type-options
nosniff
age
515150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
176
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 21:31:07 GMT
b440e7ec.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		188 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/b440e7ec.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6a56b0eedf2164ea26d50232cfe5f664b996fcdd0332c02d6fd9b683524886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 23:16:26 GMT
x-content-type-options
nosniff
age
163231
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 23:16:26 GMT
891fc44d.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/891fc44d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f51d01b579c673ebad56e6adad52df632ad00c766060980718c06b6c76a23fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 05:53:25 GMT
x-content-type-options
nosniff
age
53012
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4708
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 05:53:25 GMT
6fff3654.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/6fff3654.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08236304df812e92e1317231184929c0faf9f8a321e95b7729e4dcf3d67d3d0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 01:33:43 GMT
x-content-type-options
nosniff
age
68594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8850
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 01:33:43 GMT
573a6f99.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/573a6f99.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfb16d1c0468d1d4a9bdce34611a6abc10ba8616975a687dc8fa70eb120c34b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 07:25:55 GMT
x-content-type-options
nosniff
age
306662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1817
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Jan 2024 07:25:55 GMT
d0811eca.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/d0811eca.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6ac2354bea6ca977f55564e16567b873cf85b6da608b313948f5e5d2d7523ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 14:41:47 GMT
x-content-type-options
nosniff
age
194110
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3390
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 14:41:47 GMT
193f56df.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		945 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/193f56df.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c1dcc2fcdd4634fe8c4f9eb30ecaa6c944b039daa4261641419bbbef3adea7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:06 GMT
x-content-type-options
nosniff
age
527571
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
945
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:06 GMT
a789d8cf.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/a789d8cf.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68c90259bcc6c9f8ce8e61bda3b98b353e807dbb1a831df691c7c16b713a783e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:36 GMT
x-content-type-options
nosniff
age
527541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1968
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:36 GMT
2dd5bfd2.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/2dd5bfd2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde1a86ecba3297dd3584c4af191b993be29cfb6350ce63c5870e7f9da30a88b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 08:34:43 GMT
x-content-type-options
nosniff
age
43334
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3051
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 08:34:43 GMT
0bb4e2d2.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/0bb4e2d2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
476aa2d7a84da45c9e8a0f13641016a5c8085f65ba2b7fce32e03fde1c95c3e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527612
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5696
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
7bb9b04e.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/7bb9b04e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8dc716613268894c1b99a55f3d92462e60595ff3c1218c9d96d6277587eb699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527612
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5083
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
ec13fad9.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/ec13fad9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d188964bef755f9e8e2d41d114fcb23d3d695224683166af63c63cfd4ab941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527612
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10259
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
ff288155.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		194 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/ff288155.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bcdb3ec02e7c97412562c66dd458bede4295c79b0719a655ea49d303832554d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 08:34:44 GMT
x-content-type-options
nosniff
age
43333
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 08:34:44 GMT
901e99e7.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		276 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/901e99e7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdc47f614cc6c097a54c3f84ae1f9d3fd4ef8bd4860a197c6ce2d29371fa4845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:50:23 GMT
x-content-type-options
nosniff
age
125194
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
276
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 09:50:23 GMT
4c6a7a36.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/4c6a7a36.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4cbc003e83946002ce9791bb7d9cf2ed505207dc7e5e786919d726c0c357736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527612
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3817
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
b2d1cbfd.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame C03B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/b2d1cbfd.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c51488e62c69a64678cd7ae6369c19a7c912a52a9c7877d997844d34bfc4f9b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 00:16:54 GMT
x-content-type-options
nosniff
age
159603
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7189
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 00:16:54 GMT
firstevent
scotiabank.demdex.net/ Frame DE9D
Redirect Chain
  • https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3033174626
  • https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3033174626
42 B
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3033174626
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
54.187.41.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-41-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0f66d19e7.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
YcbHCO76Sbw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-01bda8aba.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zjCDHrgbT9o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3033174626
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
index.html
s0.2mdn.net/sadbundle/2294254016198082560/ Frame EB35 		68 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6211618d5a40732adcffc6170ab268effcd23d2bdb52e4bb63f21beb0d502a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
527573
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
13463
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 18:04:04 GMT
expires
Sat, 06 Jan 2024 18:04:04 GMT
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DE9D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBDjrxQjM80nIMp1JrK7c02BVuv_IzXs6gpNSyKpmp3UxFdHy5yhesC2C8EmF8aOGSObctomO75XsY2-Ou_EQq-mNZ_9mftSQMJJtsYCIeHBOYw7kRTbU-LdOOrObObNNMGMKsyrfO-dj4-7EadF-9qyggn6_7xepFBnXTiGCknngHds3ME4yl4Ezt4RbIs66L8-sMkU_bL4vFSgNdm3TcRtbwzn8iOGD885g83uBdAp_7Dcij_evmz09OWQJoRYTJjrbiaUcFPU5SkqlwFOCwRmtmbxh23FnhpaC0Xp5ZOG9TIcPEVpd6yw2waB6lpebY2v3PKXoGJBlLjUq5Gi1ptbHioEIfWscgLb8MO9xRp6Lcqr90WR4kf8E1VlZNbwbN4EulGD1IAhj6GoZIZ03JDzoDlDkkX155GWf91t1N5uYerXtSpW1lW5Nwk6PWjfte9yt57fOn8SSvCHDanbuE5qyWxrE0t6FKd1HOABVRTxWc-l2N-1aCqQh7vXRQQlRb58KRgjzZ8ebOvuJv8_ELBXgVn60mqyKGdaNc9-G_oz7ycYRHaChhKgymLVxHIi8Z1A2lPYKNetu3IB2o0h9cwiAbYEF3WaKmImGnEqtC-5ieebNKs8eBZ4JG9MaV_5Y93sJS6dRUZQljAuaRTbxQq1iBj9vppww5YS-Wm27OKY_DkyAald6fzQe-6Uxb5AO7sSFpTeOu_LGGAWwINW_3CoAWBxY_7OdImyV7DoGj1hRom63X-sKKD6yyigow8EsOT6hes5c3Vcr5gQ-LbisNPCTKEzooDgfosnEYzuEIZrmNtFjJj7_RCrcQlUbjiXhzqJSMJfWgnt5jksjrDeWUkUqbBq8TYDSaMU_1sFl0EyNlwvU1Htkdxz5Iccbm66R27y2ilpX2bKmYiqaf-fEyvvcb9o0p5OzYqCzT9SOmv761QxpP43uS-RsmH2n92JwRcmgnEUyAohcT9alOh-bjU68npM_kh2ArXdU9k-Lrv2vmkPlzmsH_xket7m8JEVZEShGwmcbOzVOS_KUM02Y4V_D8ajmy__9puCgyQO-H73-3ln81BhRxZmKdNKh6Z0GtY3FPJlfwwjFSxqGjJyyiw5ENNbT2wwnLyB95T2u0eESV03ezOYG22hoPJ77qHMUtNftfdtdddonqBt16PxIjIlX_V2eTcBrjo2qe9wRR4sDyv1zjGZscvq92xvGscl3GktKqaZp1walf-WPcHXTVwK6YmBGi2A54_v_IggD1UA3Mx8sju1M07w4xesEiAAidp21BXNHcQzG9Yc2hMxBS6p_jgDE7ajIEEgf-hegMpXBpcrU-SblAiF9wHJwsui4iH7OPuNO1YRrYZ_CG&sai=AMfl-YS6wRP3auegw0jeQevRRCmdY0zdI_OjjYp7zYGnQ7zNptIhA7LUS2P3DNceFSo_NLsywFUu3VO-4DNb09NRHRkVqmWbcW6qrnX85NZ3ggop-eqrNyjeGUKRivZiu0tPGv4CGPkpgUZrpF_Y6GJP-XX1TaeEER8KNsvUSs_OLsL-cxuF9GCLEaEDM_vO_8RLQZFrRERHIhYZ4O4nhYRGr1f48HA4scp45lc7RfUK64A8Yf_twSvq4Q84FFwLJMQGNwO6qVDrdxRsqMYC4HDspKtBJ-8ip-4kQA&sig=Cg0ArKJSzA32T4-aKttwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=238&cbvp=1&cstd=232&cisv=r20230111.48308&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 12 Jan 2023 20:36:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 12 Jan 2023 20:36:57 GMT
pixel
cm.g.doubleclick.net/ Frame F877
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOTdzPYd3tWwfSrF7jvUw6w&google_cver=1&google_push=AavPq0Nte8pw-ZShCgIc59ELmy0MrOjMfHXbKRL1xab5NdUoyXK3kzIofNrYwkRCq4LBLqUdGYeewUsUG2Eyp3JgZjD1ZcWF02Yz7A
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0Nte8pw-ZShCgIc59ELmy0MrOjMfHXbKRL1xab5NdUoyXK3kzIofNrYwkRCq4LBLqUdGYeewUsUG2Eyp3JgZjD1ZcWF02Yz7A&google_hm=i75hmbwJwTkTqbB5KCw_5w==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0Nte8pw-ZShCgIc59ELmy0MrOjMfHXbKRL1xab5NdUoyXK3kzIofNrYwkRCq4LBLqUdGYeewUsUG2Eyp3JgZjD1ZcWF02Yz7A&google_hm=i75hmbwJwTkTqbB5KCw_5w==
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0Nte8pw-ZShCgIc59ELmy0MrOjMfHXbKRL1xab5NdUoyXK3kzIofNrYwkRCq4LBLqUdGYeewUsUG2Eyp3JgZjD1ZcWF02Yz7A&google_hm=i75hmbwJwTkTqbB5KCw_5w==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
fn8m53j0aqc1q7lctobqgo72gjj6pff3
pixel
cm.g.doubleclick.net/ Frame F877
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xneNnAJDSTmiAr7nFMD2rQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xneNnAJDSTmiAr7nFMD2rQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Nou5J9Ova5WWSCo5I_s5U72qI1QK0nUMX-1uCdr6kGmk43Z9NWHjnv1vgNXCNe-eZ7a-eEjp_qLmYKgOVlohfZMs8jmuKkvA
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xneNnAJDSTmiAr7nFMD2rQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Nou5J9Ova5WWSCo5I_s5U72qI1QK0nUMX-1uCdr6kGmk43Z9NWHjnv1vgNXCNe-eZ7a-eEjp_qLmYKgOVlohfZMs8jmuKkvA
date
Thu, 12 Jan 2023 20:36:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F877
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEoHdwSVdKppRRwqv31Mcec&google_cver=1&google_push=AavPq0P3JIfLcUTda00plCmFlaqV21uhhoz8aQ6zO1QtUBFvjN-q1Teb3FrH-CwvaggTQ6_D5AD...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENUSlg3N0ItNC04NlhY&google_push=AavPq0P3JIfLcUTda00plCmFlaqV21uhhoz8aQ6zO1QtUBFvjN-q1Teb3FrH-CwvaggTQ6_D5ADhGjGKQ7-qWR5mAEzaC93eNeKfAw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENUSlg3N0ItNC04NlhY&google_push=AavPq0P3JIfLcUTda00plCmFlaqV21uhhoz8aQ6zO1QtUBFvjN-q1Teb3FrH-CwvaggTQ6_D5ADhGjGKQ7-qWR5mAEzaC93eNeKfAw
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENUSlg3N0ItNC04NlhY&google_push=AavPq0P3JIfLcUTda00plCmFlaqV21uhhoz8aQ6zO1QtUBFvjN-q1Teb3FrH-CwvaggTQ6_D5ADhGjGKQ7-qWR5mAEzaC93eNeKfAw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
pixel
cm.g.doubleclick.net/ Frame F877
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELlp0OliQpeg0k76SS-7YEk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELlp0OliQpeg0k76SS-7YEk&google_hm=Y8BvaMNW0PM9kjBxTNi19gAADWoAAAAB&google_nid=index&google_push=AavPq0PpHRJ9wGruUeUlf5BbWhrRKhyKDUjXG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELlp0OliQpeg0k76SS-7YEk&google_hm=Y8BvaMNW0PM9kjBxTNi19gAADWoAAAAB&google_nid=index&google_push=AavPq0PpHRJ9wGruUeUlf5BbWhrRKhyKDUjXGtwwrWX16iPnXrNH1U5j_caFp5efeqGR2DwfXxSDc2c97ZaVyJW1CWR1Sl2I97ljtA
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FWNi%2FIN%2F4%2B6%2Bv6sYeXbhWwjSoORadbBPLZmqzXpguxdfwm6Gs8TO51dKyEWwXfxiWjMFGUr3qYnQ942S44mrZcF0E96D%2BZloqjy0rpkkOTT%2FT8goF7plHGvZt7ifpw6UEc0205kR91Tdw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELlp0OliQpeg0k76SS-7YEk&google_hm=Y8BvaMNW0PM9kjBxTNi19gAADWoAAAAB&google_nid=index&google_push=AavPq0PpHRJ9wGruUeUlf5BbWhrRKhyKDUjXGtwwrWX16iPnXrNH1U5j_caFp5efeqGR2DwfXxSDc2c97ZaVyJW1CWR1Sl2I97ljtA
cache-control
no-cache
cf-ray
7888aff5e8f43ffd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame F877 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCm4-QIX3YQ_Eq-JWqwgAQQ7C9w737KcWRe1ha0sH7b9px7Z-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1B08 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
3439
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 19:39:38 GMT
expires
Fri, 12 Jan 2024 19:39:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame E751
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEB9IC_CEXkUzd32tT1nhhPk&google_cver=1&google_push=AavPq0OF_-XxZQyDnP6M-ABkCq-9fEEk_dPRPQSJCDt9bZU07aFyGj_khPGJA1olKl2uJkQLi1teYm1wnNhnr9mE2ogeYHFVerxP
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAavPq0OF_-XxZQyDnP6M-ABkCq-9fEEk_dPRPQSJCDt9bZU07aFyGj_khPGJA1olKl2uJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AavPq0OF_-XxZQyDnP6M-ABkCq-9fEEk_dPRPQSJCDt9bZU07aFyGj_khPGJA1olKl2uJkQLi1teYm1wnNhnr9mE2ogeYHFVerxP&google_cver=1&googl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AavPq0OF_-XxZQyDnP6M-ABkCq-9fEEk_dPRPQSJCDt9bZU07aFyGj_khPGJA1olKl2uJkQLi1teYm1wnNhnr9mE2ogeYHFVerxP&google_cver=1&google_gid=CAESEB9IC_CEXkUzd32tT1nhhPk&google_hm=UTcyNjg0MjIxNzE5ODE2OTQ5OTc=
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 12 Jan 2023 20:36:58 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AavPq0OF_-XxZQyDnP6M-ABkCq-9fEEk_dPRPQSJCDt9bZU07aFyGj_khPGJA1olKl2uJkQLi1teYm1wnNhnr9mE2ogeYHFVerxP&google_cver=1&google_gid=CAESEB9IC_CEXkUzd32tT1nhhPk&google_hm=UTcyNjg0MjIxNzE5ODE2OTQ5OTc=
Content-Type
text/html
Cache-Control
max-age=24765
Connection
keep-alive
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame E751
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESENHz2S9nfqJtUJ_8PrejD-s&c_param1=AavPq0Njx2p6h_8w3CB2bQljoGbJxLuJllEpnLOlazuvvYhod2FydH8BuZkTF7i6liDZb2s1paNtTPiiNlVJsgb_JDa4DmvlcYzm&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0Njx2p6h_8w3CB2bQljoGbJxLuJllEpnLOlazuvvYhod2FydH8BuZkTF7i6liDZb2s1paNtTPiiNlVJsgb_JDa4DmvlcYzm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0Njx2p6h_8w3CB2bQljoGbJxLuJllEpnLOlazuvvYhod2FydH8BuZkTF7i6liDZb2s1paNtTPiiNlVJsgb_JDa4DmvlcYzm
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0Njx2p6h_8w3CB2bQljoGbJxLuJllEpnLOlazuvvYhod2FydH8BuZkTF7i6liDZb2s1paNtTPiiNlVJsgb_JDa4DmvlcYzm
date
Thu, 12 Jan 2023 20:36:58 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame E751
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGtJaczKi6jydSwo0vFDyzs&google_cver=1&google_push=AavPq0MKobQuY12UBQijKM9baL0cz3vmybgCpWMcZszubQP8xke63EHgXWL02zX3j6FgCvZQr4qq3Dvd...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY5NDM0NTg1NjU2NDIyNjc1Nw&google_push=AavPq0MKobQuY12UBQijKM9baL0cz3vmybgCpWMcZszubQP8xke63EHgXWL02zX3j6FgCvZQr4qq3D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY5NDM0NTg1NjU2NDIyNjc1Nw&google_push=AavPq0MKobQuY12UBQijKM9baL0cz3vmybgCpWMcZszubQP8xke63EHgXWL02zX3j6FgCvZQr4qq3DvdfMeO7umOfNtwnM26lTM
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY5NDM0NTg1NjU2NDIyNjc1Nw&google_push=AavPq0MKobQuY12UBQijKM9baL0cz3vmybgCpWMcZszubQP8xke63EHgXWL02zX3j6FgCvZQr4qq3DvdfMeO7umOfNtwnM26lTM
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E751
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOTdzPYd3tWwfSrF7jvUw6w&google_cver=1&google_push=AavPq0P3oKgpZMdfNJkPfkq-tTOEedDSYb0l-vLVmI8vFRcH9zN4RuNBapBBRsLUNLhHo6gaMhGmmWnpZWkbre3Px4tr-G4-W6k
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0P3oKgpZMdfNJkPfkq-tTOEedDSYb0l-vLVmI8vFRcH9zN4RuNBapBBRsLUNLhHo6gaMhGmmWnpZWkbre3Px4tr-G4-W6k&google_hm=i75hmbwJwTkTqbB5KCw_5w==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0P3oKgpZMdfNJkPfkq-tTOEedDSYb0l-vLVmI8vFRcH9zN4RuNBapBBRsLUNLhHo6gaMhGmmWnpZWkbre3Px4tr-G4-W6k&google_hm=i75hmbwJwTkTqbB5KCw_5w==
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0P3oKgpZMdfNJkPfkq-tTOEedDSYb0l-vLVmI8vFRcH9zN4RuNBapBBRsLUNLhHo6gaMhGmmWnpZWkbre3Px4tr-G4-W6k&google_hm=i75hmbwJwTkTqbB5KCw_5w==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
5vse1ilistsl72jbngr36h4b74akm2bo
pixel
cm.g.doubleclick.net/ Frame E751
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEWUVSqaMHVOklnbBrDDJW4&google_cver=1&google_push=AavPq0MvcgQOZuEHQ2GXliDYI7EtlvMPnel4AWpP1z5TUZR2itziEvfz056lrsjgl-VDx-uDa8F3By3ThDyy...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MvcgQOZuEHQ2GXliDYI7EtlvMPnel4AWpP1z5TUZR2itziEvfz056lrsjgl-VDx-uDa8F3By3ThDyyyahw1Y2Wr6767QcE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MvcgQOZuEHQ2GXliDYI7EtlvMPnel4AWpP1z5TUZR2itziEvfz056lrsjgl-VDx-uDa8F3By3ThDyyyahw1Y2Wr6767QcE
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MvcgQOZuEHQ2GXliDYI7EtlvMPnel4AWpP1z5TUZR2itziEvfz056lrsjgl-VDx-uDa8F3By3ThDyyyahw1Y2Wr6767QcE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame E751
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAnc8QBNngpIkM3PEM52eQE&google_cver=1&google_push=AavPq0OrtXiuDwcdXM6CwPa4ZUQZVnE6aJc8oinxIsLawRYKSyCAO9StyF2_4wMH8ELMJH5E2i...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tS2ZOZGlaRTJ1R0lxbjdSU3JkT0tFbHo2YUtnUzhic35B&google_push=AavPq0OrtXiuDwcdXM6CwPa4ZUQZVnE6aJc8oinxIsLawRYKSyCAO9Sty...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tS2ZOZGlaRTJ1R0lxbjdSU3JkT0tFbHo2YUtnUzhic35B&google_push=AavPq0OrtXiuDwcdXM6CwPa4ZUQZVnE6aJc8oinxIsLawRYKSyCAO9StyF2_4wMH8ELMJH5E2i_rPykc2_r6MB11oIGaDP06gusz
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tS2ZOZGlaRTJ1R0lxbjdSU3JkT0tFbHo2YUtnUzhic35B&google_push=AavPq0OrtXiuDwcdXM6CwPa4ZUQZVnE6aJc8oinxIsLawRYKSyCAO9StyF2_4wMH8ELMJH5E2i_rPykc2_r6MB11oIGaDP06gusz
date
Thu, 12 Jan 2023 20:36:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame E751
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOPZrRPw6...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f703e948-0ee8-4818-97bd-a78dabc49609&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f703e948-0ee8-4818-97bd-a78dabc49609&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f703e948-0ee8-4818-97bd-a78dabc49609&%%GOOGLE_PUSH_PAIR%%
Date
Thu, 12 Jan 2023 20:36:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame E751 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JVf0oGDhrtj79GCGl3LXNailuh4GNjfcXm12wJxJDYzEAy6AvUYri8mj_RKxH2RLjzJNB7VuM
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 71A9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7039023683759476&output=html&h=280&slotname=8391647344&adk=821707621&adf=2751417942&pi=t.ma~as.8391647344&w=970&fwrn=3&fwrnh=100&rafmt=1&format=970x280&url=https%3A%2F%2Fntdeals.net%2Fus-store%2Fcategory%2Fnsfw&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673555816642&bpp=3&bdt=188&idt=256&shv=r20230111&mjsv=m202212050103&ptt=9&saldr=aa&cookie=ID%3D2a8158c2df8c8d2a%3AT%3D1673555815%3AS%3DALNI_MancX7hdPCv-4uxKjNw2C70SZhb9A&gpic=UID%3D000009e4e6cf4e36%3AT%3D1673555815%3ART%3D1673555815%3AS%3DALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A&prev_fmts=0x0&nras=1&correlator=5406179457265&frm=23&ife=1&pv=1&ga_vid=1472796446.1673555814&ga_sid=1673555817&ga_hid=805244962&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=133&biw=1600&bih=1200&isw=970&ish=250&ifk=131811122&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071383%2C21065724%2C31071351&oid=2&pvsid=3405326288921262&tmod=866959313&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.6t3kqg6tntcg&fsb=1&dtd=352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 19:28:28 GMT
AGSKWxV_YIeABTH2tDhvc1ODq5Sslt5yvcPU9FPbaRuDdNFp6Cf4PckEfEq080x7fHjmsUA8_qwIgv5NijNfwPmveA__CB9bNprhARXzUOhynOo9x-KuZAbfwdVYksLW-_qnrpcCNaB1Tg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV_YIeABTH2tDhvc1ODq5Sslt5yvcPU9FPbaRuDdNFp6Cf4PckEfEq080x7fHjmsUA8_qwIgv5NijNfwPmveA__CB9bNprhARXzUOhynOo9x-KuZAbfwdVYksLW-_qnrpcCNaB1Tg==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-z9QXbPWoiy5bfG9ihl0Zqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-z9QXbPWoiy5bfG9ihl0Zqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ntdeals.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DE9D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 19:39:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E26D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 19:28:19 GMT
etag
48472445140208031
expires
Fri, 13 Jan 2023 19:28:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DE9D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bea67b4ac031596589ff0e90093f7f853da5d1609daf24599b321c3d61a4cc75

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
AGSKWxV_YIeABTH2tDhvc1ODq5Sslt5yvcPU9FPbaRuDdNFp6Cf4PckEfEq080x7fHjmsUA8_qwIgv5NijNfwPmveA__CB9bNprhARXzUOhynOo9x-KuZAbfwdVYksLW-_qnrpcCNaB1Tg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV_YIeABTH2tDhvc1ODq5Sslt5yvcPU9FPbaRuDdNFp6Cf4PckEfEq080x7fHjmsUA8_qwIgv5NijNfwPmveA__CB9bNprhARXzUOhynOo9x-KuZAbfwdVYksLW-_qnrpcCNaB1Tg==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nT-O3e9xXlKO3tWWhViGeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-nT-O3e9xXlKO3tWWhViGeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ntdeals.net
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV_YIeABTH2tDhvc1ODq5Sslt5yvcPU9FPbaRuDdNFp6Cf4PckEfEq080x7fHjmsUA8_qwIgv5NijNfwPmveA__CB9bNprhARXzUOhynOo9x-KuZAbfwdVYksLW-_qnrpcCNaB1Tg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV_YIeABTH2tDhvc1ODq5Sslt5yvcPU9FPbaRuDdNFp6Cf4PckEfEq080x7fHjmsUA8_qwIgv5NijNfwPmveA__CB9bNprhARXzUOhynOo9x-KuZAbfwdVYksLW-_qnrpcCNaB1Tg==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0V_oNyUlzsh4K6l-_Pw8iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-0V_oNyUlzsh4K6l-_Pw8iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ntdeals.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV3UvIV0eJsLuoo4p0g8YX0ZLNXKTZZa7CWhkiBnpFbd_cLavWarZqN8uLYrrZep-t9kggiiTX_6T0qKHcbfoT5O0iFvXBWJbnJYXH5AgZZd5kbArTPjroU0SrESWT85vOEEQsg7w==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV3UvIV0eJsLuoo4p0g8YX0ZLNXKTZZa7CWhkiBnpFbd_cLavWarZqN8uLYrrZep-t9kggiiTX_6T0qKHcbfoT5O0iFvXBWJbnJYXH5AgZZd5kbArTPjroU0SrESWT85vOEEQsg7w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjczNTU1ODE4LDgwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL250ZGVhbHMubmV0L3VzLXN0b3JlL2NhdGVnb3J5L25zZnciLG51bGwsW1s4LCJHR1pXUTBpR29tOCJdLFs5LCJlbi1VUyJdXV0
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22ff88d2cc7602adca5e98f1f9ff71afb48f7bae4e4f2e0c84209a7566417b07
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kAK6tXRTvUxdTJHg67Gh8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-kAK6tXRTvUxdTJHg67Gh8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0B63 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujQBHcI0PU8zS3RoREasjpgtjLCoeU_jzzuBo6OvjBkefgyp6eKmHxFuJalZvE68JcHK2n2_-UnLbs7H5yjEzZPDhyFG_Rcx0XcQ14mp9gSVLmi6vFkVKkwcztDys57Szi1bWGIBnsBPZNH0ZUL6ikHDt6_7zpPT68pB8f9-2WqSrbdhrcYKvDlg3ScTz2aTph1ta76ud7anjleyBo-HACAkKFAvWbbQc41zJi2ZsDUMn4BPGS-Ta0EvQDnKkxkmphE08jkmydIAuQAlpyMKNIxUrrJMw5uvy7MMUWcu4vOOAarLrKe1phjB4EqKvrKnlcS3u_U2w4KIyYUUhLD72qjofJzSm31TN16ClWadPvVX0L3_o1lJrngBQI4cceQrqeOzOJ1Sn_UiqWdOok4Ea4PBNnT0oWMAxvcPMQvm2nUyYCd3qaPVjDSxZ0cBSRbwMQEJRuYisfJGPVCG551IJb3woCOdPOXNV_9PZLNC5kuzQODRZE7kuJQkhyzoE_6YaTLCcNxwmPeMrNyvMkUR97nQy-xTWLbcA2dSpLlrOTIanvu5f6dYFYhont3VnyMNOnahiucMbL-hQtUQsoMK3tKBX_OnVcqDLEys2aKwYnpE3DmI3wcEubRuKcS-ZkwyXPe-Pxf2fI6IZTCQC9xcQokFFiZX1YEXv1NbiwUUmtGHpH_FWg5-YLVkf_dCniUSVhq_LmfpYl6TzV9DqjVBbJXJNz2_76vK2SxZiB8pKweSbEGg3MTmwlo6oG-ZhZpB4u4P6R7-Q97GNGgfgMcXyVsRBscfAFWTgxQlIsF6_AHqJfCiTndu-PDbqP08Fw2Fod-FqMChBicUe2NE7fWDqEpaDx1DKK5qInqi_2wx_A780YPuaChMEX5ND_bLfOQHPt2erN_BnsnZO2yfSsBk6J_0D_C7JkiWXcSmR3RuX05fZvPcGTTZI3ugB7oGiUh6sSgN6CariHIZTzbKjLjiwQI2odZu5NQ7C9TyKjB1XTYVfHeoF5KxvW-pzv9QBa2x3aKsbofhX61sNXgU2i8zBF7jF0Gblk-oVxLS8Xc_nHAauj9HZDxXYCyq2P6u2CY2BhKgm5iB-FVjJL84Uhi7IPTJVDABihzPMEtvMBZbijtD-VAquOkHbFSGRolK3shLL12tTgRnp40LTD7h8LC3J8yV7c_LlyY3JnMZzqtEMk-Drt0TDJkoti5GcD0WJyuslkqRNt-2Vz1jBw7LidYc_8uPr5rUB8KOd7ekVlHr1pwV0bU9zhWeDpypL9zh3Qtuf1hZm6U5OWtLljcav2cTmf9osy44_1B85bjPIHzStBb1eqbc7bhL1IlBvwvqKGhuQ3eAlaYZPu4ftE3KCU&sai=AMfl-YTgHtYvbaK4AFdeqiaGnmwxP0itZC_hhbAOfoRqJHhOCKtyMkl3og3F5hq4BVtxQSC3_m62PtFHfbHKQr0we1ImzU71jBl2nput8VUJDvAJelU37ZIHTye21YzzLKU3MLPKQkidIw7mFyr4TKIRPIZD6kwfWJVv2jZMyOb5aADythptp7NgXleuMyuucCmQe-qavVZi2PE61J3UzQmuk2lt9U7WjW3nRdNiWCv43KSH1eavswhVrEUVWrQkrZkdyJyUc79y25iecDp41YzQuHZHqsGRzbh1hQ&sig=Cg0ArKJSzJgN-eSXpFFDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=680&vt=11&dtpt=498&dett=3&cstd=176&cisv=r20230111.10397&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 12 Jan 2023 20:36:58 GMT
918e9e9e.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		1 KB
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/918e9e9e.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7274f4c74c548cbc43a3fce5f87631a43bd64b707186c559482a540977c995e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 17:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96051
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 17:56:07 GMT
f32c2a96.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		659 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/f32c2a96.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88bb62ab8413ef70017838e25737e466173fd27636bbd11c8b2520efb4267ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153656
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
389
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 01:56:02 GMT
9fe7b444.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		1 KB
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/9fe7b444.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd3562eba8add5cce59c21ef0307489522a7ee3a0dd63599b9b16a282d64664b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527542
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
632
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:36 GMT
b3bd7c74.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		2 KB
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/b3bd7c74.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40f65c5715750c282cf482388402578c9065b246418d441babbdaad1e39a7375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 14:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 14:28:37 GMT
05bbb152.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		1 KB
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/05bbb152.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07528a33d0d0685761da5e15d26b30b81be1dcf80a2be9fa87ecdeb559f14f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 11:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206703
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
627
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 11:11:55 GMT
efb85237.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		973 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/efb85237.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b88fc8ac7ea815602271a41080cb64b4bb8ac1a1bd984c24a66b70f4da060550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527542
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
569
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:36 GMT
19264423.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		1 KB
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/19264423.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1ca48c8a81c3cdfafc2cb276206ba1fe5fcf6a63636316ebbe3fb5a935e6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527542
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
596
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:36 GMT
ab43b44b.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		2 KB
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/ab43b44b.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
713c6acd109fd24ddfb7b285383b0e9e5cfdb4c8d0211561f25bb296fe8e3879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 09:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212900
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
778
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 09:28:38 GMT
847b3a6c.svg
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		998 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/847b3a6c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9600e61184bf4d3e0953d492e8fceaaaada4055d8f49bb2e71ff88fec2f4ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172617
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 20:40:01 GMT
6e422d5f.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/6e422d5f.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56f9e28b8826b4592b202454ecf0fcac10f8bf6d5335de79102ede607cfef5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527613
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59143
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
36de504e.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/36de504e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11571f3fd51e4adbad516043297c9eeade058cb48dc211e744f13baad27ff93d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:05 GMT
x-content-type-options
nosniff
age
527573
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1804
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:05 GMT
a26a6b4d.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/a26a6b4d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
461d3765135aab9f963807e46541b58a3c4b8e8a9111c036f70d63a8c4a30fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527613
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3364
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
42f7d6a2.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		176 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/42f7d6a2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae85ada9cfd84fe4c669b94404ed6209e989e4f68945db57c1e2820c33a18c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 21:31:07 GMT
x-content-type-options
nosniff
age
515151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
176
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 21:31:07 GMT
b440e7ec.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		188 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/b440e7ec.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6a56b0eedf2164ea26d50232cfe5f664b996fcdd0332c02d6fd9b683524886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 23:16:26 GMT
x-content-type-options
nosniff
age
163232
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 23:16:26 GMT
891fc44d.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/891fc44d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f51d01b579c673ebad56e6adad52df632ad00c766060980718c06b6c76a23fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 05:53:25 GMT
x-content-type-options
nosniff
age
53013
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4708
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 05:53:25 GMT
6fff3654.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/6fff3654.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08236304df812e92e1317231184929c0faf9f8a321e95b7729e4dcf3d67d3d0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 01:33:43 GMT
x-content-type-options
nosniff
age
68595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8850
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 01:33:43 GMT
573a6f99.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/573a6f99.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfb16d1c0468d1d4a9bdce34611a6abc10ba8616975a687dc8fa70eb120c34b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 07:25:55 GMT
x-content-type-options
nosniff
age
306663
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1817
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Jan 2024 07:25:55 GMT
d0811eca.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/d0811eca.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6ac2354bea6ca977f55564e16567b873cf85b6da608b313948f5e5d2d7523ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 14:41:47 GMT
x-content-type-options
nosniff
age
194111
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3390
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 14:41:47 GMT
193f56df.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		945 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/193f56df.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c1dcc2fcdd4634fe8c4f9eb30ecaa6c944b039daa4261641419bbbef3adea7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:06 GMT
x-content-type-options
nosniff
age
527572
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
945
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:06 GMT
a789d8cf.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/a789d8cf.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68c90259bcc6c9f8ce8e61bda3b98b353e807dbb1a831df691c7c16b713a783e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:04:36 GMT
x-content-type-options
nosniff
age
527542
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1968
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:04:36 GMT
2dd5bfd2.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/2dd5bfd2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde1a86ecba3297dd3584c4af191b993be29cfb6350ce63c5870e7f9da30a88b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 08:34:43 GMT
x-content-type-options
nosniff
age
43335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3051
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 08:34:43 GMT
0bb4e2d2.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/0bb4e2d2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
476aa2d7a84da45c9e8a0f13641016a5c8085f65ba2b7fce32e03fde1c95c3e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527613
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5696
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
7bb9b04e.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/7bb9b04e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8dc716613268894c1b99a55f3d92462e60595ff3c1218c9d96d6277587eb699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527613
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5083
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
ec13fad9.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/ec13fad9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d188964bef755f9e8e2d41d114fcb23d3d695224683166af63c63cfd4ab941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527613
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10259
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
ff288155.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		194 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/ff288155.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bcdb3ec02e7c97412562c66dd458bede4295c79b0719a655ea49d303832554d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 08:34:44 GMT
x-content-type-options
nosniff
age
43334
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 08:34:44 GMT
901e99e7.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		276 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/901e99e7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdc47f614cc6c097a54c3f84ae1f9d3fd4ef8bd4860a197c6ce2d29371fa4845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:50:23 GMT
x-content-type-options
nosniff
age
125195
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
276
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 09:50:23 GMT
4c6a7a36.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/4c6a7a36.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4cbc003e83946002ce9791bb7d9cf2ed505207dc7e5e786919d726c0c357736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 18:03:25 GMT
x-content-type-options
nosniff
age
527613
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3817
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 18:03:25 GMT
b2d1cbfd.png
s0.2mdn.net/sadbundle/2294254016198082560/images/ Frame EB35 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2294254016198082560/images/b2d1cbfd.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c51488e62c69a64678cd7ae6369c19a7c912a52a9c7877d997844d34bfc4f9b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2294254016198082560/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 00:16:54 GMT
x-content-type-options
nosniff
age
159604
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7189
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 15:29:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 00:16:54 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 61C4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
3440
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 19:39:38 GMT
expires
Fri, 12 Jan 2024 19:39:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame E26D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPeKEGtOzJ7XdYlWh9F2wNA&google_cver=1&google_push=AavPq0MLZtmMrCu3i9WUjTEUT0TflE7d37t879XFre7EVMepo6w_Qf7XPujfuCxNEclM9pd_UiwDNTDbBevQKTsk2M...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGY0MzZkYjgtM2I0OS00NjVlLWI5NDAtODQ4NGRhMTA3Yzc3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=df436db8-3b49-465e-b940-8484da107c77
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGY0MzZkYjgtM2I0OS00NjVlLWI5NDAtODQ4NGRhMTA3Yzc3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=df436db8-3b49-465e-b940-8484da107c77
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZGY0MzZkYjgtM2I0OS00NjVlLWI5NDAtODQ4NGRhMTA3Yzc3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=df436db8-3b49-465e-b940-8484da107c77
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame E26D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMUIDYwHuv46d5i_YhSPLio&google_cver=1&google_push=AavPq0PsfQbh4g-POQEtG2U3PYOj5hmYgNWQPYiaLvU5-WG0pn5620EuidEwUt4cwLRIOF7piuQnrE-3Rhk7CBqGVnz_M2q...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PsfQbh4g-POQEtG2U3PYOj5hmYgNWQPYiaLvU5-WG0pn5620EuidEwUt4cwLRIOF7piuQnrE-3Rhk7CBqGVnz_M2qpTR4I&google_hm=eS1FSW1hdlNSRTJwRVRoNH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PsfQbh4g-POQEtG2U3PYOj5hmYgNWQPYiaLvU5-WG0pn5620EuidEwUt4cwLRIOF7piuQnrE-3Rhk7CBqGVnz_M2qpTR4I&google_hm=eS1FSW1hdlNSRTJwRVRoNHpsa3htbDl2cjhHMTU3T3NrTH5B
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PsfQbh4g-POQEtG2U3PYOj5hmYgNWQPYiaLvU5-WG0pn5620EuidEwUt4cwLRIOF7piuQnrE-3Rhk7CBqGVnz_M2qpTR4I&google_hm=eS1FSW1hdlNSRTJwRVRoNHpsa3htbDl2cjhHMTU3T3NrTH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame E26D
Redirect Chain
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESED_fFg-1Bh0XTbuFbbDqcgw&google_cver=1&google_push=AavPq0NZTtS2kW1_Ls048Kf0BwAA0IA_ClUT_i5M5q-WXNSPc...
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESED_fFg-1Bh0XTbuFbbDqcgw&google_cver=1&google_push=AavPq0NZTtS2kW1_Ls048Kf0BwAA0IA_ClUT_i5M5q-WXNSPc...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AavPq0NZTtS2kW1_Ls048Kf0BwAA0IA_ClUT_i5M5q-WXNSPcSKZl6SvKUUwfa1sMsOxe7ESHLXABftN_SKX5xln1-RYXmUOywHuNA&google_hm=MDQwMzAwMD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AavPq0NZTtS2kW1_Ls048Kf0BwAA0IA_ClUT_i5M5q-WXNSPcSKZl6SvKUUwfa1sMsOxe7ESHLXABftN_SKX5xln1-RYXmUOywHuNA&google_hm=MDQwMzAwMDFfNjNjMDZmNmEzZTI2Zg%3D%3D
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 12 Jan 2023 20:36:58 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AavPq0NZTtS2kW1_Ls048Kf0BwAA0IA_ClUT_i5M5q-WXNSPcSKZl6SvKUUwfa1sMsOxe7ESHLXABftN_SKX5xln1-RYXmUOywHuNA&google_hm=MDQwMzAwMDFfNjNjMDZmNmEzZTI2Zg%3D%3D
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame E26D
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEDM_TrIfSu1dGraoMtOFjUQ&google_cver=1&google_push=AavPq0NSa9gyYTCCcAJzsb9t01FQ4Lla17xOPPc-AIHgWgs_pa9gaI_WtZa1T-5D1KAJA0UFUDVkV7Qd5wSNzom3Wuvav7kJQrf3pA
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NSa9gyYTCCcAJzsb9t01FQ4Lla17xOPPc-AIHgWgs_pa9gaI_WtZa1T-5D1KAJA0UFUDVkV7Qd5wSNzom3Wuvav7kJQrf3pA&google_hm=ZzIzNzNlNjU4Njc0NT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NSa9gyYTCCcAJzsb9t01FQ4Lla17xOPPc-AIHgWgs_pa9gaI_WtZa1T-5D1KAJA0UFUDVkV7Qd5wSNzom3Wuvav7kJQrf3pA&google_hm=ZzIzNzNlNjU4Njc0NTExYzI2NDg=
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NSa9gyYTCCcAJzsb9t01FQ4Lla17xOPPc-AIHgWgs_pa9gaI_WtZa1T-5D1KAJA0UFUDVkV7Qd5wSNzom3Wuvav7kJQrf3pA&google_hm=ZzIzNzNlNjU4Njc0NTExYzI2NDg=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pub
cs.chocolateplatform.com/ Frame E26D 		0
0
pixel
cm.g.doubleclick.net/ Frame E26D
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAn77qSyB4yAPJOHfdwrr7k&google_cver=1&google_push=AavPq0P83RmJhfVt173NMBjVCuexWAgl2j83f8wAfUDaDzDpZwR7GhBrFEgPmHbT7RBYPmnNNbf5SSshrl93NJZKA...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGFlNThjMDktOWZkZi00ODcwLWE3ZTMtNDA0N2YzNGNiMDA2&google_push=AavPq0P83RmJhfVt173NMBjVCuexWAgl2j83f8wAfUDaDzDpZwR7GhBrFEgPmHbT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGFlNThjMDktOWZkZi00ODcwLWE3ZTMtNDA0N2YzNGNiMDA2&google_push=AavPq0P83RmJhfVt173NMBjVCuexWAgl2j83f8wAfUDaDzDpZwR7GhBrFEgPmHbT7RBYPmnNNbf5SSshrl93NJZKAClAD3R3TjByCwI
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZGFlNThjMDktOWZkZi00ODcwLWE3ZTMtNDA0N2YzNGNiMDA2&google_push=AavPq0P83RmJhfVt173NMBjVCuexWAgl2j83f8wAfUDaDzDpZwR7GhBrFEgPmHbT7RBYPmnNNbf5SSshrl93NJZKAClAD3R3TjByCwI
date
Thu, 12 Jan 2023 20:36:58 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame E26D
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOPZrRPw6...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f703e948-0ee8-4818-97bd-a78dabc49609&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f703e948-0ee8-4818-97bd-a78dabc49609&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f703e948-0ee8-4818-97bd-a78dabc49609&%%GOOGLE_PUSH_PAIR%%
Date
Thu, 12 Jan 2023 20:36:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame E26D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQdYytfGBXfgQjSw9-b9Zh3Fm4NgjJkFj9EddvpEc3vyGOX2jvvdEKZj3ulb-WKGOBWnHePkA
Requested by
Host: 0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 1B08 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 19:28:28 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntdeals.net%2F&domain=ntdeals.net&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ntdeals.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 12 Jan 2023 20:36:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
489657
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		42 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://ntdeals.net
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntdeals.net%2F&domain=ntdeals.net&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=b-DlG3xTRTdqYW00OXo2NkdwSXRNWWYxRFJoNFlzaDVLY2tVTzNwbFd1WGdTUXhNbFIrQzNqR1BKekpZZmczWkVHMWxBWnhPT091OVNOaEpTTFVHOGVYTDduVDFjRVV5elhocHN0d2tybzgzalpzM2tKNnNTeis2eVhzL2...
352 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=b-DlG3xTRTdqYW00OXo2NkdwSXRNWWYxRFJoNFlzaDVLY2tVTzNwbFd1WGdTUXhNbFIrQzNqR1BKekpZZmczWkVHMWxBWnhPT091OVNOaEpTTFVHOGVYTDduVDFjRVV5elhocHN0d2tybzgzalpzM2tKNnNTeis2eVhzL2g0QXpSRFQ1Yzk0WkhnQWhnMFVkUXBPbDkwVkN4NUFSbmxsM0g5WHF1MXZ4eXFBdTNacDN4cWNCWkhGNHdHanIydmIvenZDSFRNaGNabVNHUmFDLzliNDJOTlZtMzZ3OTF4QnJkY2FoS2dyWFVIWGYyalhRPXw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c88dcba433bd2b02994481a5fda010aa8f717c1a6cdf64299a332cb2f8b82e5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1607292
expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=b-DlG3xTRTdqYW00OXo2NkdwSXRNWWYxRFJoNFlzaDVLY2tVTzNwbFd1WGdTUXhNbFIrQzNqR1BKekpZZmczWkVHMWxBWnhPT091OVNOaEpTTFVHOGVYTDduVDFjRVV5elhocHN0d2tybzgzalpzM2tKNnNTeis2eVhzL2g0QXpSRFQ1Yzk0WkhnQWhnMFVkUXBPbDkwVkN4NUFSbmxsM0g5WHF1MXZ4eXFBdTNacDN4cWNCWkhGNHdHanIydmIvenZDSFRNaGNabVNHUmFDLzliNDJOTlZtMzZ3OTF4QnJkY2FoS2dyWFVIWGYyalhRPXw&cppv=2
access-control-allow-origin
https://ntdeals.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
446085
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		108 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
362732e65c29b9b8d85398262ea42f2e021e181582536f5e1c0959bc4e4352fa

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntdeals.net
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 11 Feb 2023 20:36:58 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame 0707 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
138
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7888aff8ae4b53e3-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Fri, 13 Jan 2023 00:36:58 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A30C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
50972
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 12 Jan 2023 20:36:58 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 08 Jan 2023 06:27:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 84673
X-Served-By
cache-lga13626-LGA, cache-yyz4523-YYZ
X-Timer
S1673555818.343855,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ 		52 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires
Sun, 08 Jan 2023 06:27:18 GMT
Date
Thu, 12 Jan 2023 20:36:58 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
50972
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
17053
X-Served-By
cache-lga13626-LGA, cache-yyz4569-YYZ
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1673555818.343160,VS0,VE0
ETag
W/"623de86a-cf34"
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
3, 87109
pd
us-u.openx.net/w/1.0/ Frame 5F8A 		672 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
913dc8af1d222561c09e107c8610a5f0166e663b3c119a79889f37f5597f0648

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
423
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 399F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
50972
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 12 Jan 2023 20:36:58 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 08 Jan 2023 06:27:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 83933
X-Served-By
cache-lga13626-LGA, cache-yyz4526-YYZ
X-Timer
S1673555818.342387,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame E450 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Jan 2023 20:36:58 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FAFB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51960
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Fri, 13 Jan 2023 11:02:58 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F30C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
50972
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 12 Jan 2023 20:36:58 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 08 Jan 2023 06:27:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 87522
X-Served-By
cache-lga13626-LGA, cache-yyz4580-YYZ
X-Timer
S1673555818.350715,VS0,VE0
pd
us-u.openx.net/w/1.0/ Frame B4FA 		672 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
913dc8af1d222561c09e107c8610a5f0166e663b3c119a79889f37f5597f0648

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
423
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AD17 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51960
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Fri, 13 Jan 2023 11:02:58 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D79C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
138
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7888aff8ae5d53e3-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Fri, 13 Jan 2023 00:36:58 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 59EB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
50972
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 12 Jan 2023 20:36:58 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 08 Jan 2023 06:27:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 83685
X-Served-By
cache-lga13626-LGA, cache-yyz4529-YYZ
X-Timer
S1673555818.343873,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 9A3D 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
138
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7888aff8ae4f53e3-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Fri, 13 Jan 2023 00:36:58 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 0461 		672 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
913dc8af1d222561c09e107c8610a5f0166e663b3c119a79889f37f5597f0648

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
423
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D202 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51960
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Fri, 13 Jan 2023 11:02:58 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 07DC 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
138
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7888aff8ae5853e3-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Fri, 13 Jan 2023 00:36:58 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6213 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51960
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Fri, 13 Jan 2023 11:02:58 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 0725 		733 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c422da34f22243506564af47c214fd7e819acf1839dadf47441dd3ba39abd6bd

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
457
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=10a011f3-29c5-404c-9b5a-4999224c8fac
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-NS52uhRE2uHG4.ykuqnZeRmBcAG8_FJ.kGiygCs-~A&gdpr=0
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-NS52uhRE2uHG4.ykuqnZeRmBcAG8_FJ.kGiygCs-~A&gdpr=0
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-NS52uhRE2uHG4.ykuqnZeRmBcAG8_FJ.kGiygCs-~A&gdpr=0
date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D10a011f3-29c5-404c-9b5a-4999224c8fac&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4833%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D10a011f3-29c5-404c-9b5a-49992...
  • https://prebid.a-mo.net/cchain/0/4833?gdpr=0&gdpr_consent=&us_privacy=1---&A=10a011f3-29c5-404c-9b5a-4999224c8fac&bidder=adform&cbx=aHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZ...
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4833%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D10a011f3-29c5-404c-9b5...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4833%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D10a011f3-29c5-404c-9b5a-4999224c8fac%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0xMGEwMTFmMy0yOWM1LTQwNGMtOWI1YS00OTk5MjI0YzhmYWM%253D%26uid%3D%24UID
Protocol
HTTP/1.1
Server
63.251.86.51 Woodbridge, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 12 Jan 2023 20:36:59 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F4833%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D10a011f3-29c5-404c-9b5a-4999224c8fac%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0xMGEwMTFmMy0yOWM1LTQwNGMtOWI1YS00OTk5MjI0YzhmYWM%253D%26uid%3D%24UID
date
Thu, 12 Jan 2023 20:36:58 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
content-length
0
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LCTJX77B-4-86XX&gdpr=0&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LCTJX77B-4-86XX&gdpr=0&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:57 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LCTJX77B-4-86XX&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=10a011f3-29c5-404c-9b5a-4999224c8fac&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f703e948-0ee8-4818-97bd-a78dabc49609&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10596969928044676171&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=c3230169-53d8-44eb-aae6-f2c609f08947&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10596969928044676171&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214250604394013625293&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596969928044676171&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=f703e948-0ee8-4818-97bd-a78dabc49609&gdpr=0&gdpr_consent=&us_privacy=
0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=f703e948-0ee8-4818-97bd-a78dabc49609&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=f703e948-0ee8-4818-97bd-a78dabc49609&gdpr=0&gdpr_consent=&us_privacy=
Date
Thu, 12 Jan 2023 20:36:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
view
googleads4.g.doubleclick.net/pcs/ Frame DE9D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBDjrxQjM80nIMp1JrK7c02BVuv_IzXs6gpNSyKpmp3UxFdHy5yhesC2C8EmF8aOGSObctomO75XsY2-Ou_EQq-mNZ_9mftSQMJJtsYCIeHBOYw7kRTbU-LdOOrObObNNMGMKsyrfO-dj4-7EadF-9qyggn6_7xepFBnXTiGCknngHds3ME4yl4Ezt4RbIs66L8-sMkU_bL4vFSgNdm3TcRtbwzn8iOGD885g83uBdAp_7Dcij_evmz09OWQJoRYTJjrbiaUcFPU5SkqlwFOCwRmtmbxh23FnhpaC0Xp5ZOG9TIcPEVpd6yw2waB6lpebY2v3PKXoGJBlLjUq5Gi1ptbHioEIfWscgLb8MO9xRp6Lcqr90WR4kf8E1VlZNbwbN4EulGD1IAhj6GoZIZ03JDzoDlDkkX155GWf91t1N5uYerXtSpW1lW5Nwk6PWjfte9yt57fOn8SSvCHDanbuE5qyWxrE0t6FKd1HOABVRTxWc-l2N-1aCqQh7vXRQQlRb58KRgjzZ8ebOvuJv8_ELBXgVn60mqyKGdaNc9-G_oz7ycYRHaChhKgymLVxHIi8Z1A2lPYKNetu3IB2o0h9cwiAbYEF3WaKmImGnEqtC-5ieebNKs8eBZ4JG9MaV_5Y93sJS6dRUZQljAuaRTbxQq1iBj9vppww5YS-Wm27OKY_DkyAald6fzQe-6Uxb5AO7sSFpTeOu_LGGAWwINW_3CoAWBxY_7OdImyV7DoGj1hRom63X-sKKD6yyigow8EsOT6hes5c3Vcr5gQ-LbisNPCTKEzooDgfosnEYzuEIZrmNtFjJj7_RCrcQlUbjiXhzqJSMJfWgnt5jksjrDeWUkUqbBq8TYDSaMU_1sFl0EyNlwvU1Htkdxz5Iccbm66R27y2ilpX2bKmYiqaf-fEyvvcb9o0p5OzYqCzT9SOmv761QxpP43uS-RsmH2n92JwRcmgnEUyAohcT9alOh-bjU68npM_kh2ArXdU9k-Lrv2vmkPlzmsH_xket7m8JEVZEShGwmcbOzVOS_KUM02Y4V_D8ajmy__9puCgyQO-H73-3ln81BhRxZmKdNKh6Z0GtY3FPJlfwwjFSxqGjJyyiw5ENNbT2wwnLyB95T2u0eESV03ezOYG22hoPJ77qHMUtNftfdtdddonqBt16PxIjIlX_V2eTcBrjo2qe9wRR4sDyv1zjGZscvq92xvGscl3GktKqaZp1walf-WPcHXTVwK6YmBGi2A54_v_IggD1UA3Mx8sju1M07w4xesEiAAidp21BXNHcQzG9Yc2hMxBS6p_jgDE7ajIEEgf-hegMpXBpcrU-SblAiF9wHJwsui4iH7OPuNO1YRrYZ_CG&sai=AMfl-YS6wRP3auegw0jeQevRRCmdY0zdI_OjjYp7zYGnQ7zNptIhA7LUS2P3DNceFSo_NLsywFUu3VO-4DNb09NRHRkVqmWbcW6qrnX85NZ3ggop-eqrNyjeGUKRivZiu0tPGv4CGPkpgUZrpF_Y6GJP-XX1TaeEER8KNsvUSs_OLsL-cxuF9GCLEaEDM_vO_8RLQZFrRERHIhYZ4O4nhYRGr1f48HA4scp45lc7RfUK64A8Yf_twSvq4Q84FFwLJMQGNwO6qVDrdxRsqMYC4HDspKtBJ-8ip-4kQA&sig=Cg0ArKJSzA32T4-aKttwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=723&vt=11&dtpt=485&dett=3&cstd=232&cisv=r20230111.48308&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 12 Jan 2023 20:36:58 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Jan 2023 20:36:58 GMT
sd
us-u.openx.net/w/1.0/ Frame 5F8A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 5F8A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4565-YYZ
pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1673555818.388001,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
c02f8de1-8523-ea5e-c40a-ea3b0462c814
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5F8A 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c02f8de1-8523-ea5e-c40a-ea3b0462c814?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 5F8A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 5F8A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzg4NzM4NmYtZGNmOC0yNmIzLWUwM2QtYTY3NzMxZDdjYjNk
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5F8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame E450 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
05f66b5cbf84f005f89ddf99a32286c928708ea38f6135c0d38552b6b79ac0d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 20:36:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Jan 2023 18:50:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80053
Connection
keep-alive
Content-Length
10036
Expires
Fri, 13 Jan 2023 18:51:11 GMT
sd
us-u.openx.net/w/1.0/ Frame B4FA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame B4FA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4565-YYZ
pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1673555818.408265,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
c02f8de1-8523-ea5e-c40a-ea3b0462c814
pr-bh.ybp.yahoo.com/sync/openx/ Frame B4FA 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c02f8de1-8523-ea5e-c40a-ea3b0462c814?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame B4FA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame B4FA 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzg4NzM4NmYtZGNmOC0yNmIzLWUwM2QtYTY3NzMxZDdjYjNk
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B4FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0461
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8381437226329219334&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 0461
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4565-YYZ
pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1673555818.427970,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y8BvZwALQt4IwwAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
c02f8de1-8523-ea5e-c40a-ea3b0462c814
pr-bh.ybp.yahoo.com/sync/openx/ Frame 0461 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c02f8de1-8523-ea5e-c40a-ea3b0462c814?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 0461
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=54e8eba5-158f-7817-f5dd-fccefb35055d&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 0461 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzg4NzM4NmYtZGNmOC0yNmIzLWUwM2QtYTY3NzMxZDdjYjNk
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0461
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAxZwdlwOxapC5X7_BowIrw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUJ-Hqzo_yTdULoWzLb6LLuL6MP-J0dLCLV285V--WRRTvmnUQ2n4uGptYQXyp2hb7WG11_noDbd7-uQIc_mOhNiut01IP3Fepi6Xwa99OhtBThQniSbBpSFlyufXywPJ4StZri0g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUJ-Hqzo_yTdULoWzLb6LLuL6MP-J0dLCLV285V--WRRTvmnUQ2n4uGptYQXyp2hb7WG11_noDbd7-uQIc_mOhNiut01IP3Fepi6Xwa99OhtBThQniSbBpSFlyufXywPJ4StZri0g==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jinWzbg3bbylBpcYI1JaLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-jinWzbg3bbylBpcYI1JaLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ntdeals.net
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0725
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 0725
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=52969859-4e88-4590-bf3c-6418c8b9c451
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=52969859-4e88-4590-bf3c-6418c8b9c451
95 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=52969859-4e88-4590-bf3c-6418c8b9c451
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=52969859-4e88-4590-bf3c-6418c8b9c451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame 0725 		0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=7a2c682c-cde5-425e-a6fa-3dc46c96f134
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 0725
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=012e94c3-d8c8-4e77-aaa4-7c3dc2ae6485
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=012e94c3-d8c8-4e77-aaa4-7c3dc2ae6485
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=012e94c3-d8c8-4e77-aaa4-7c3dc2ae6485
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 12 Jan 2023 20:36:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=012e94c3-d8c8-4e77-aaa4-7c3dc2ae6485
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 0725
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6795602408261108026
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6795602408261108026
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 12 Jan 2023 20:36:58 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e99959bf-41d0-48aa-a70c-8f51de2a7161
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6795602408261108026
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0725 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=0c3e97d8-0925-c3ed-35d3-7e599306cebd
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FA8ANT8C4442RT52BPQG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://u.4dex.io/setuid?bidder=sovrn&uid=F-c0jLZH9GZkM-XkRx-i0S_5
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=sovrn&uid=F-c0jLZH9GZkM-XkRx-i0S_5
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Date
Thu, 12 Jan 2023 20:36:58 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://u.4dex.io/setuid?bidder=sovrn&uid=F-c0jLZH9GZkM-XkRx-i0S_5
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=b-DlG3xTRTdqYW00OXo2NkdwSXRNWWYxRFJoNFlzaDVLY2tVTzNwbFd1WGdTUXhNbFIrQzNqR1BKekpZZmczWkVHMWxBWnhPT091OVNOaEpTTFVHOGVYTDduVDFjRVV5elhocHN0d2tybzgzalpzM2tKNnNTeis2eVhzL2g0QXpSRFQ1Yzk0WkhnQWhnMFVkUXBPbDkwVkN4NUFSbmxsM0g5WHF1MXZ4eXFBdTNacDN4cWNCWkhGNHdHanIydmIvenZDSFRNaGNabVNHUmFDLzliNDJOTlZtMzZ3OTF4QnJkY2FoS2dyWFVIWGYyalhRPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
527220
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
de.tynt.com/deb/ Frame 5AD1
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
25ed1ed8f5a4adc6b9194a82721ba6d1fb5c1eb4f9acb9064888a2aa039a23ca

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2092
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8340000A
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
6a0f81b6e13a4c342c4fec24fb53750ac9b942fe3d891c515eeb09669443d83b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntdeals.net
date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 61C4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 19:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 19:28:28 GMT
async_usersync
ib.adnxs.com/ Frame 8C9B 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:58 GMT
AN-X-Request-Uuid
5dcfe160-dc69-4cc0-a6c0-87eac10a3a4a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FAFB 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1795151&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c6ff6101ca068b82238438a842f953d4e21c33076913fa5d6e8f6489a3c26eb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 12 Jan 2023 20:36:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.html
eus.rubiconproject.com/ Frame 09B5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Jan 2023 20:36:58 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 12 Jan 2023 20:36:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
setuid
u.4dex.io/ Frame E481
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1673555818532.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://u.4dex.io/setuid?bidder=33across&uid=212076927748114
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=33across&uid=212076927748114
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://u.4dex.io/setuid?bidder=33across&uid=212076927748114
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E481
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=970033161033616790&expires=30&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=f703e948-0ee8-4818-97bd-a78dabc49609
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f703e948-0ee8-4818-97bd-a78dabc49609&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f703e948-0ee8-4818-97bd-a78dabc49609&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=f703e948-0ee8-4818-97bd-a78dabc49609&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E481
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1673555818532.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=aa4763c0-6f67-4300-8c17-b9630f6bce3b
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=aa4763c0-6f67-4300-8c17-b9630f6bce3b
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 12 Jan 2023 20:36:58 GMT
Server
MT3 277 3f0ad7a master iad-pixel-x29 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=aa4763c0-6f67-4300-8c17-b9630f6bce3b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 12 Jan 2023 20:36:57 GMT
match
events-ssc.33across.com/ Frame E481
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-BkgfvsRE2uEcN8xvRgEJIULyLN0xnZaV~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-BkgfvsRE2uEcN8xvRgEJIULyLN0xnZaV%7EA&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-BkgfvsRE2uEcN8xvRgEJIULyLN0xnZaV%7EA&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-BkgfvsRE2uEcN8xvRgEJIULyLN0xnZaV%7EA&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E481
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=59b7995bb0d1887&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAHK1s1sjmDbAM68T1EAAAAAAA&expiration=1673642218&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHK1s1sjmDbAM68T1EAAAAAAA&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHK1s1sjmDbAM68T1EAAAAAAA&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:57 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHK1s1sjmDbAM68T1EAAAAAAA&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E481
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4370361475358131527606
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4370361475358131527606&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4370361475358131527606&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4370361475358131527606&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
syncframe
gum.criteo.com/ Frame EBB3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ntdeals.net&gdpr=0&gdpr_consent=
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 20:36:58 GMT
server
Kestrel
server-processing-duration-in-ticks
424177
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Jan 2023 20:36:58 GMT
/
onetag-sys.com/usync/ Frame 268E 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ntdeals.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync
ib.adnxs.com/ Frame A30C 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:58 GMT
AN-X-Request-Uuid
0c45250e-0309-432f-826b-535faa5d075c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 399F 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:58 GMT
AN-X-Request-Uuid
7359f45c-b30c-4fd7-bb40-4633c85defd5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 59EB 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:58 GMT
AN-X-Request-Uuid
fa478f19-c9c4-4885-9515-b35b3e9fefe4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F30C 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:58 GMT
AN-X-Request-Uuid
3121dc53-7138-433c-b1a4-13b69d2a0900
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B63 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrjBOOBfDR8j4mCZBqVbYrMRBTG9vSKgqm4KQBQaQxwlHcbl1g4yFFGK-oTZPm21lk-8YXRH13XhXOTV2nA7cRTVqbochwFz_ptBx-FPJiJsLstXogU8M02QteYoQttOyb_Xw&sai=AMfl-YQunycoaNFtYWfTWo_1DaptgEv_sZIpllKMoBSMR8OTwUYUVwiqdL9xjCFWyegEfqgpXNFgi1wl7k0Ohum20WHH9ZPk9EQ4zcm1L_9CogFWLqfYZTHUN795_LnqkQ&sig=Cg0ArKJSzG6upB6VdJdoEAE&cid=CAQSOwDq26N9_ISE-XBmNhtFTDyjLripvtYpMILflgHvTQDAHcX1sqmlPWw9zi0RUQBGqp5w_qxGyvfHwc8VGAEgEw&id=lidar2&mcvt=1091&p=110,33,710,193&mtos=1091,1091,1091,1091,1091&tos=1091,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3442578752&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673555817097&rpt=617&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 09B5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
05f66b5cbf84f005f89ddf99a32286c928708ea38f6135c0d38552b6b79ac0d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 20:36:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Jan 2023 18:50:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80053
Connection
keep-alive
Content-Length
10036
Expires
Fri, 13 Jan 2023 18:51:11 GMT
cm
us-u.openx.net/w/1.0/ Frame 92F7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1673555818711.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
1 KB
657 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9b6bfebea917f08deba04b6637efcaca96e05a3166b71f92ec7219152d5d253f

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
638
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP015
x-33x-status
40000000008200000A
setuid
u.4dex.io/ Frame 5AD1
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1673555818711.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://u.4dex.io/setuid?bidder=33across&uid=212076927748114
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=33across&uid=212076927748114
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://u.4dex.io/setuid?bidder=33across&uid=212076927748114
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 5AD1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1676147818%26external_user_id%3Ddf436db8-3b49-465e-b940-8484da107c77
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1676147818&external_user_id=df436db8-3b49-465e-b940-8484da107c77
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1676147818&external_user_id=df436db8-3b49-465e-b940-8484da107c77
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1676147818&external_user_id=df436db8-3b49-465e-b940-8484da107c77
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5AD1
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1673555818711.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=Y8BvaMNW0PM9kjBxTNi19gAA%263434
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=Y8BvaMNW0PM9kjBxTNi19gAA%263434
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6AyZruVMYTaWZIFmY6XgJXPppIK%2BHUlhsLbh2Wwz9VfM5yOrITH3ScqaJd8ut4W8wwcwUcFwk9KCOrI6ZqeEsrR4Lh8iSkta%2BzDXr3onuch89rjiDl3j3beqCJgvjyoQQYAzN49vMlFQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=Y8BvaMNW0PM9kjBxTNi19gAA%263434
cache-control
no-cache
cf-ray
7888affca838a229-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
match
events-ssc.33across.com/ Frame 5AD1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26...
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5AD1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=hkk_KXwaT9FWyUtvuyREwpU4mbQ
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=hkk_KXwaT9FWyUtvuyREwpU4mbQ&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=hkk_KXwaT9FWyUtvuyREwpU4mbQ&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=hkk_KXwaT9FWyUtvuyREwpU4mbQ&ts=1673555818&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5AD1
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1673555818711.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=6795602408261108026
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=6795602408261108026
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 12 Jan 2023 20:36:58 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a446b66e-808a-4be4-9af8-2d7e66c76a00
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=6795602408261108026
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0234
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 20:36:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 12 Jan 2023 20:36:59 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 2429
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=uHq78N1QAxWlpkMRa2_AYw
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=uHq78N1QAxWlpkMRa2_AYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 20:36:59 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=uHq78N1QAxWlpkMRa2_AYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 5489 		43 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pub
matching.truffle.bid/sync/ Frame 1E8B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 12 Jan 2023 20:36:59 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame D9D6
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7268422171981694997P
42 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7268422171981694997P
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=79649
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 12 Jan 2023 20:36:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7268422171981694997P
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
image2.pubmatic.com/AdServer/ Frame B08E
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=8d07f92e-aa3e-4424-b806-ec4ffa4f8fbe
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=8d07f92e-aa3e-4424-b806-ec4ffa4f8fbe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 20:36:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 12 Jan 2023 20:36:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=8d07f92e-aa3e-4424-b806-ec4ffa4f8fbe
strict-transport-security
max-age=15724800; includeSubDomains
cookiesync
core.iprom.net/ Frame 30CD 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 12 Jan 2023 20:36:59 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-ec1b23a5d188@version_1.532
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame DA7B
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5A5EC7D90F4544D78896FBFD4F436DFB&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5A5EC7D90F4544D78896FBFD4F436DFB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 20:36:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 12 Jan 2023 20:36:58 GMT
expires
Wed, 11 Jan 2023 20:36:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5A5EC7D90F4544D78896FBFD4F436DFB&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Artemis
aud.pubmatic.com/AdServer/ Frame FAFB
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C6778D9C-0243-4939-A202-BEE714C0F6AD&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C6778D9C-0243-4939-A202-BEE714C0F6AD&addseg=10,33,39
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date
Thu, 12 Jan 2023 20:36:59 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C6778D9C-0243-4939-A202-BEE714C0F6AD&addseg=10,33,39
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame FAFB
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C6778D9C-0243-4939-A202-BEE714C0F6AD&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C6778D9C-0243-4939-A202-BEE714C0F6AD&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C6778D9C-0243-4939-A202-BEE714C0F6AD&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:59 GMT
Frontend-ID
12
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 12 Jan 2023 20:36:59 GMT
Frontend-ID
1
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=C6778D9C-0243-4939-A202-BEE714C0F6AD&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame FAFB 		43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=C6778D9C-0243-4939-A202-BEE714C0F6AD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
MDBXGEdSknom22BiACDUcIGeftHiQg29tLlKPbT-GIHphIfaiWtqSA==
expires
0
/
io.narrative.io/ Frame FAFB
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C6778D9C-0243-4939-A202-BEE714C0F6AD
  • https://io.narrative.io/?io.narrative.guid.v2=dc9148a0-92b8-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:C6778D9C-0243-4939-A202-BEE714C0F6AD
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=dc9148a0-92b8-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:C6778D9C-0243-4939-A202-BEE714C0F6AD
Protocol
HTTP/1.1
Server
3.222.96.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-96-203.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 20:36:59 GMT
Cache-Control
no-cache
Server
nginx/1.22.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=dc9148a0-92b8-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:C6778D9C-0243-4939-A202-BEE714C0F6AD
Date
Thu, 12 Jan 2023 20:36:59 GMT
Server
nginx/1.22.0
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame FAFB
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6795602408261108026
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6795602408261108026
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 12 Jan 2023 20:36:59 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.180; 149.56.153.180; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6decc3f6-73d9-43c5-bc64-28a819aa9e9c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6795602408261108026
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FAFB
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cac20aa3-2990-44e5-8d75-ce027a74e9fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cac20aa3-2990-44e5-8d75-ce027a74e9fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 12 Jan 2023 20:36:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cac20aa3-2990-44e5-8d75-ce027a74e9fa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 12 Jan 2023 20:36:59 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sid
mug.criteo.com/ Frame EBB3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ntdeals.net&sn=ChromeSyncframe&so=0&topUrl=ntdeals.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=DE02qXxhc1pHblF0YWExK1pXd0wra0dNZWtTYjMrNzArZlpJRWpUeVl2ZjVCK2pWSUN3ak1lU2liVlBQaXJTQmQ1L1NLQjkxaExoNFV5QjNya2NxZHpRa01ON3RldFFEM3BLWjQxSjlRZUhJYUVQU2V1UXJMUVNOLzd5M0...
433 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=DE02qXxhc1pHblF0YWExK1pXd0wra0dNZWtTYjMrNzArZlpJRWpUeVl2ZjVCK2pWSUN3ak1lU2liVlBQaXJTQmQ1L1NLQjkxaExoNFV5QjNya2NxZHpRa01ON3RldFFEM3BLWjQxSjlRZUhJYUVQU2V1UXJMUVNOLzd5M0plc214TzRuUTVhQjZuNWF4NUFteDZhckxBenRzVzhoMVRNdm54bW5KaVdvaUxZTC9jNGt5UXZiTnprYkhIbnNURWtpeDhlRmI5U1JzZVVDVmo5SXZPeWowcVJQY1AwNndLWnIyNFdLMWl3dzRDSmZId0dyOFg1ajU0WDlOSjZSUHZXd0ZjQ0ZVdEJ5aGRvSFc2UjJxWktURFpycXRsQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ccc38b8fec828c4f0db8a5241741260089560610824d161671f331854b93cc1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3209868
expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=DE02qXxhc1pHblF0YWExK1pXd0wra0dNZWtTYjMrNzArZlpJRWpUeVl2ZjVCK2pWSUN3ak1lU2liVlBQaXJTQmQ1L1NLQjkxaExoNFV5QjNya2NxZHpRa01ON3RldFFEM3BLWjQxSjlRZUhJYUVQU2V1UXJMUVNOLzd5M0plc214TzRuUTVhQjZuNWF4NUFteDZhckxBenRzVzhoMVRNdm54bW5KaVdvaUxZTC9jNGt5UXZiTnprYkhIbnNURWtpeDhlRmI5U1JzZVVDVmo5SXZPeWowcVJQY1AwNndLWnIyNFdLMWl3dzRDSmZId0dyOFg1ajU0WDlOSjZSUHZXd0ZjQ0ZVdEJ5aGRvSFc2UjJxWktURFpycXRsQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
797528
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A668 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc_e3Tbe-WtdqB9j4C0k7nsklZRo3FSYsDBsaWbig0C1HcmHJu36gPitQKFZQ52M5vq1rDSGgdLnZRC_YEIleb-hI9rCBwYSbnKgPXtRYW1a0jQj2yFQlLmlxnhdeKIB5CHjM&sai=AMfl-YRclzqCBzGGFRgUKkRaz2g9_GRgj8XVJvAwbWhNu7U4ZsXJyiBeVq8zoGNtI5-2bFpoJHB1npkEg8sj5S6aMGK8kAGbww9qhX4LqPT1lnL5m2I4xZlVKBgnAADZTA&sig=Cg0ArKJSzPUm8pzzuNdbEAE&cid=CAQSOwDq26N9xFIPMPLnw5w3U_CuIU4qZVsHdGQXpiTYQBCXdfY4j7QPf4iS_87nD3rGD877jQHp66Q4x9W6GAEgEw&id=lidar2&mcvt=1078&p=0,0,280,970&mtos=0,1078,1078,1078,1078&tos=0,1078,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=22&adk=821707621&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673555816996&rpt=874&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame 92F7 		68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=2283e7cb-cb04-48f8-99ea-f31ef1619702
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame 92F7
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=970033161033616790
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=970033161033616790
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=970033161033616790
Date
Thu, 12 Jan 2023 20:36:58 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 92F7
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=5A5EC7D90F4544D78896FBFD4F436DFB
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=5A5EC7D90F4544D78896FBFD4F436DFB
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 12 Jan 2023 20:36:59 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=5A5EC7D90F4544D78896FBFD4F436DFB
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 11 Jan 2023 20:36:59 GMT
53233
i6.liadm.com/s/ Frame 92F7
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=545e3721-2255-4266-b75b-00c871a3c4b2
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=545e3721-2255-4266-b75b-00c871a3c4b2&_li_chk=true&previous_uuid=537d2961544d4cbebaa4cad38e722746
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=545e3721-2255-4266-b75b-00c871a3c4b2&previous_uuid=f4f5105737f74560870a9f040ae0936f
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID}
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8381437226329219334
  • https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8381437226329219334
43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8381437226329219334
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 20:36:59 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8381437226329219334
Date
Thu, 12 Jan 2023 20:36:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
g.pixel
aa.agkn.com/adscores/ Frame 92F7 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=486a0bdb-5a43-4386-9f9f-70447bf3977b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
via
1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
5dQg8K3ydZsH_gYXd-xML-uU0RVXmiUbQx5R9hpDyDxNr8KUJgfubg==
expires
0
37274
stags.bluekai.com/site/ Frame 92F7 		62 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=73fcb303-20f8-4596-8f2a-63ea606565ee
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.0.196.34 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-196-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
41e
expires
Thu, 01 Dec 1994 16:00:00 GMT
709996.gif
id.rlcdn.com/ Frame 92F7 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:59 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 92F7
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=4b66df40-47f5-4459-8348-678f1f070b6c&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:02fe03964310dd8c0baef98af9bedb35
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:02fe03964310dd8c0baef98af9bedb35
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 12 Jan 2023 20:36:59 GMT
server
Aorta/20230112.cfdd82011
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:02fe03964310dd8c0baef98af9bedb35
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
74d59606c52b
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 92F7
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=i75hmbwJwTkTqbB5KCw_5w==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
vtsnten13ihvh40c425ef6je3587ecdn

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 92F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=aa4763c0-6f67-4300-8c17-b9630f6bce3b
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=aa4763c0-6f67-4300-8c17-b9630f6bce3b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 12 Jan 2023 20:36:59 GMT
Server
MT3 277 3f0ad7a master iad-pixel-x32 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=aa4763c0-6f67-4300-8c17-b9630f6bce3b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 12 Jan 2023 20:36:58 GMT
sd
us-u.openx.net/w/1.0/ Frame 92F7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a
Date
Thu, 12 Jan 2023 20:36:59 GMT
Connection
keep-alive
X-CI-RTID
d8d7964e-6823-457e-a6ff-af3e3c85aeba
Content-Length
112
Content-Type
text/html; charset=utf-8
258.json
id5-sync.com/g/v2/ 		462 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
8e29b5ac75c23335b5c7ec919b03f31a392111a385d5662e88876aa202a9d436
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ntdeals.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Jan 2023 20:36:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ntdeals.net
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
activeview
pagead2.googlesyndication.com/pcs/ Frame DE9D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvugbCwCFbMYwDzw0L1pWh1Af4Ga0PMaZnGMOKuRP4IRkYAoLeCfvM4U9iJtn321DW0T3MqK1Bp3uoiAcqIuNIixEIFtkmIeDu9WzAyyFNeZ7HSa_wY-BYK6PLRL_9Qhf8GugA&sai=AMfl-YSufFXXX4f0FudLjmeTgOqDUhT0Oi30XzLq-rPRfh3L-wlcsdTkxuE4jar-Vleg-9lDlWPB4sueSOlz1-CAEgfQoje5NaNEHhK_s0GWn2XWJ80gMlGo0Q520QSdWw&sig=Cg0ArKJSzBnbcRPXPv75EAE&cid=CAQSOwDq26N9BOOzKQl9rrDpDJOPkldUb16wnN8lOX1eEcSFr3P5JJ7rqwN7mctRI4T-2bD7NT-rA8Kknd5BGAEgEw&id=lidar2&mcvt=1073&p=110,1408,710,1568&mtos=1073,1073,1073,1073,1073&tos=1073,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3442578759&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673555817265&rpt=708&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: ntdeals.net
URL: https://ntdeals.net/us-store/category/nsfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B08 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPHKVaW_AY5WTDpi6owa-0KzYAwAAAAA4AeAEAg&bg=!wcKlwobNAAYDMoyoIzI7ACkAdvg8WspizhLMQ1TKLjiOfpfxsA3XbXJo0Nh5-JAA6Akjf-U8nx9EhwIAAAI1UgAAAAJoAQeZAuIbFrv69p5ZnOV0i9hVqfHLUTTnQrZSkkSN2MNQXlTblJYkLfhhaYT2jWwsu4_-s2xuZyOG_sEPyOg-c9ZLWGzUpuN2RDjE-e99NUBSHUwuinj2pTCqDrdkHGcVmsuiRTrjhtu7iwE0yK2IXPJLn6eRkhY4_4Ophlswbdpe9xDK6FEMfITPv7f5o4w-rxa-DuJriCbcuWG9z4la5uYHzAv7zCOmPVxrJyNcpPpMGt5Pva-8DzTBOrFitZqyKFaGREMRbpOe8yIRJC88Q1zK4nesAxZFRj4fM9vUJqIggtlZI3XdJVPVhUdpxoKno6pJX6vGYV76hm-wNtJUi60cOb70GwtIPnqcI-2LxNBXv3VxEhrsaPu7cX3r7i0nJDKbpE9zV_S90CsEmz7D6JiFUm7rGvu-vn-WOcZJgeJqrQDBWH85TosoO37HKI7CkNLYHGyTk748ChT4sAXI9HOBTpVrmlc08-PYKVtlgJndTGgv-imJ5mJaX3F9PizoTE8tBkaFs_yKiHNY7kD_B_0h5EwtKE4JT3mZSvt7wLa5j_BuNe5yU_BQuwZpB2VXlNPqUJgTI8y4fLMSQTzYnWUQRWDZjqILFZIVNtXA88H7Ml7-oC8t_FyBeA4hmUs1v35r4UMpgZ4gjvQflPR0hO---ugamXvCzJUqB5YZCZAgEkMtBHdWMqtgzlg6u76-Vu8mS83rbdOR1DZIR3m-xUMKIJGzVn_oObeXR1l6CJsdwfbSusa8cL2BaqgPS3s-1or5tdkAk2RpkHoF1qex-3ua7HOC-Q3uQS2JsZ7E2UEOfpON0V9BjBlvFQFF0AXwKPOn4lJaMTPOlSEcVYJH6kuW4wfqVPtODkbTb6giV9azSVK9ekvy85PGt0LHWbhoxemn9HUy7dLPiCRabKAEEsca37AI3T58wZoGEJYa6Jqr4Zsrp16FE0dh3rCZhKC4m0fCFhV8qVi0yHzwTmTGnm11CK1UhVk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61C4 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5UBjaW_AY7qAHYGWoPwP3ZW5uA8AAAAAOAHgBAI&bg=!Z2SlZCDNAAYDMoyoIzI7ACkAdvg8WsU3P5-pYd0juD-gf81OQ8dEggy0nT6PwfwK6Ywe5it7N0CKZQIAAAF1UgAAAANoAQeZAt0bcbLRbIU1AIe1cKeu1zeFnsR4ZPeK_qypZpucVp2ryCaXW2DXGWsEwtlQTR6g3eYUHxMsgqNXAjNK_YwLyZT_cfYKKpevkUAwpK_0hftCqGc63PMb6MbabHkkNbQIx_zhz8BpFS5pg9HeRV9JQXtTHeZ3eyP1YI_yT3Ubqlu83hdAzIaYn0Oq81rf6wjtQ4tDsYnOXrDz6kpAsfRLSDVWiPKQFGykQfS6tKCek0CHfJLrHxJnA1Pxtl4S5U3O-9dt_PCrNw-Vzl27GkYv9CFxeXprtNsLtixBmEzewIpVu1nx8cYth5qBQifGJ_TyDmJSPOx0SvyvbUWnO4a74Roa0OtaX1coRIPIb2dhk_Q83wVYxtZyI6-IFM8OzrkvKD6ttvFjNoZBmffbLlf-ua7fzIDMIoF_FFdyBVcnf-R2taIkLQ6jpM6OKS6B5AKSG98OUTIWN7ejBf2Tlw7cMGQBBcSCcpJjVXSoe_bi9auM_n7ARgMjcmhzW85N4waJrRP4FWvsIgdBXyr0wtUGqSjirwDxIuzTjdmh7hrWkrK35p0ENPXETPaBZ6tQQ1d0QKDqubAfSB22IoQ2Yx-QTYEYcxqGmdvnSH7TH8f3bLAk2V46PGdJciC_p-j6EUzrx93sihaG-O9oYw9hyinJVI7SsHoGEI_05gJRtL1vlt7OhqYema3jNf9SEw95ObcAdv4tbOFtgBZ2mwKLDwdJp8xerYv2Dxyfxu0vn_W9jF3U2bgCUjhuJY1jvjZifHyY5DLdQG8fln5KPaRZIepPm06l56hatimjyzS2cHNaJRk5YNr8qzWbFMyEynOCDGHc7miFPg16LdI-kjnIKSfHWY9r5jcMlW2xaxkCqK95yBDBmlyK-TY2eHT2UJvkATMUH1E2wk5wtj-6I3SF_8lznOFJPfFsBuU1TunpWD21x5aq7G_jK5LbjA3s55lt7zlINoQumBcbaeM5BTwDSR48
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D910 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=3405326288921262&bg=!ISKlImbNAAYDMoyoIzI7ACkAdvg8Whj1dJJzRUoKj98q_MyOp9HKtVtNuZP3n0GHV-tH3_I9EQXwRQIAAANnUgAAAAJoAQeZAqmJ2aqzfUNtK94Xl51O8KO1In6S2KskfcMtJGTJH4ARBFONrJfoGjYzHUMmhmcohB84fGoPu63FcR-FX8kqxjowMuH3ULApGWMkHDXQOwUqQxv5WW_hYRhEUMWBpLtRcuw0eco4V06LYtGOnmJgUO2Zj-XHZNCPUEmOPU_951jQRCbPCVv6cMK2zXPY0i7suFY-RuSpT0M6JJZUSVIfKNhsRBNu8ZXrVGeBsKCNTqjTRGX4Zu4X1dbDo62mz8M97Zy7EcHUx_lvIwLaPi_LqvyC4-WR9vVtyxXyWou_3f_jMwzB5OZ0CJDIknGI2sVGGnsAkifrBi0AVlncBNR3jda74WxSn35MRDZB_JtUhAkvl6IdBQx9t5mvyHb_Q2oCz20pUmwfT09h7B6gxUYNY-54F1kbGvELEdQrSA-sJaBBDKkdSEOP4BsLDVU7HGBrHDrUcU309ohT1wBlKofeczx85ONzoEtfPXigE6k65nA550c4zCE1L7ToxXP6ZcK-ub9sk9WFcb_khAsluyillYXZy5rdgHZ965h5N_MSYt1V6BuYap0UG3dZBncqE1u5T2fS0r6j5WbWLMAUm7x4RVC0lVlo9Jgn1IgUppnPZWLk4Axwff-CqQ7nWaWnv55tuFyHntjrJ8Mavb9fVOWJkOSjomELr4jbBsNRjNmvSTp84vxCKdLzn8AOg5ZrviWI7OvOEmzj1pIvCJWou8rz9CCASZ2B4GebN8ZXg5U2s9F7Yay1T058gYf7uBJLYqxbxmNvLBMybCkSv25Y5zGx0jDjYrrSEBlX7rJJIDT2E5aYKsFae-Q-2YogMXOAnvBUw0BU9NHrZnluhB5_exnFJQT01VMj9LsFu2yZQywx5c2b9q6eecqaQuUE5xC-DWrYh8ZsshsBN7t8k5M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ntdeals.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
match
events-ssc.33across.com/ Frame 09B5
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LCTJX77B-4-86XX
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LCTJX77B-4-86XX
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LCTJX77B-4-86XX&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LCTJX77B-4-86XX&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:36:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:36:58 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LCTJX77B-4-86XX&ts=1673555819&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FAFB 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:37:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame AD17 		598 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49441712&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
be052c2daee754a589deeb0d29b5fcf6067fda6bacd16c84f99d2dd1da96784a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 12 Jan 2023 20:37:01 GMT
content-length
598
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame D202 		47 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58977622&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 12 Jan 2023 20:37:01 GMT
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 6213 		47 B
201 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91940285&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 12 Jan 2023 20:37:01 GMT
content-length
47
content-type
text/html; charset=UTF-8
qmap
sync.crwdcntrl.net/ Frame AD17 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.25.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-25-51.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:37:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.241
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame AD17
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C6778D9C-0243-4939-A202-BEE714C0F6AD
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=c3230169-53d8-44eb-aae6-f2c609f08947%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=c3230169-53d8-44eb-aae6-f2c609f08947%2C%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=c3230169-53d8-44eb-aae6-f2c609f08947%2C%2C
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:37:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 12 Jan 2023 20:37:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=df436db8-3b49-465e-b940-8484da107c77&ttd_puid=c3230169-53d8-44eb-aae6-f2c609f08947%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
75145
i.liadm.com/s/ Frame AD17 		43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=C6778D9C-0243-4939-A202-BEE714C0F6AD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.176.201 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-176-201.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 20:37:01 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
4
Content-Type
image/gif
/
bpi.rtactivate.com/tag/ Frame AD17 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=C6778D9C-0243-4939-A202-BEE714C0F6AD&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.77.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-77-41.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 20:37:01 GMT
server
awselb/2.0
content-length
43
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
URL
https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEA4Rl8BxtdVHzyRJMJhlvf4&google_cver=1&google_push=AavPq0PSerMaXOLhmOmCv00ct0hbd4F6z6O8amw5iKvr05v59AjIgl_RPs-KKO5LZ2tVBsbvJqhx_UcgVcYkNeROzVYXtjOAAdkL9A
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=2173

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| oncontentvisibilityautostatechange object| __vm_add object| dataLayer string| currentTheme object| pagespeed function| _extends function| _typeof function| slidebars object| controller undefined| didScroll object| lazyLoadInstance number| lastScrollTop number| delta number| navbarHeight function| removeTransition function| hasScrolled number| windowWidth number| scrollTopHeight function| $ function| jQuery function| LazyLoad object| yii object| datepicker_locale_en object| datepicker_locale_ru object| datepicker_locale_uk object| datepicker_locale_de function| initSliderGroup object| dealsDateDatepickerFrom object| dealsDateDatepickerTo object| releaseDateDatepickerFrom object| releaseDateDatepickerTo function| AirDatepicker object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| gaplugins object| gaData object| __VM object| ats object| Criteo object| googletag object| ggeac object| google_js_reporting_queue object| sas object| apntag object| _ADAGIO undefined| google_measure_js_timing object| google_reactive_ads_global_state object| default_ContributorServingResponseClientJs object| __googlefc object| googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| google_ad_modifications number| google_global_correlator object| google_prev_clients boolean| c4425bd0-6b5f-4714-a16b-dd22ea146368 number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123

190 Cookies

Domain/Path Name / Value
.mrtnsvr.com/sync Name: userId
Value: nVN3NK3aM
i.liadm.com/s Name: _li_ss
Value: ChMKBgjSARCJFAoJCP____8HEJcU
ntdeals.net/ Name: ntdeals_session
Value: mtjg1dqa8i8839me0n9ng8h90t
ntdeals.net/ Name: _store
Value: 5f61a939f4862b56c1031e86b62727048b3991125dcf38a023287b883179505da%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22_store%22%3Bi%3A1%3Bs%3A2%3A%22US%22%3B%7D
ntdeals.net/ Name: _language
Value: ab1a782c920459ef80d8aa3051d10f3045260390425a029cc1946ce9f4c9a8cba%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_language%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D
.ntdeals.net/ Name: _ga_2FMSBQ636B
Value: GS1.1.1673555814.1.0.1673555814.60.0.0
.ntdeals.net/ Name: _ga
Value: GA1.2.1472796446.1673555814
.ntdeals.net/ Name: _gid
Value: GA1.2.31629594.1673555814
.ntdeals.net/ Name: _gat_UA-201602235-1
Value: 1
ntdeals.net/ Name: _lr_geo_location
Value: CA
ntdeals.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.a-mo.net/ Name: amuid2
Value: 10a011f3-29c5-404c-9b5a-4999224c8fac
.prebid.a-mo.net/ Name: sd_amuid2
Value: 10a011f3-29c5-404c-9b5a-4999224c8fac
.openx.net/ Name: i
Value: 8744d4fc-bc08-47e0-af0b-34269f1236a0|1673555814
.rubiconproject.com/ Name: khaos
Value: LCTJX77B-4-86XX
.omnitagjs.com/ Name: ayl_visitor
Value: 3237481a8a9fd40481c4dbde12a4a54d
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C6778D9C-0243-4939-A202-BEE714C0F6AD
.yahoo.com/ Name: A3
Value: d=AQABBGdvwGMCEIi8_nrpPMtQBnaWH96Ty-kFEgEBAQHAwWPKYwAAAAAA_eMAAA&S=AQAAAhJg6t5s2YlnToXxl0mCKQ0
.adnxs.com/ Name: uuid2
Value: 6795602408261108026
.adform.net/ Name: C
Value: 1
.deepintent.com/ Name: CDIUSER
Value: di_f1474cf4b24348e7bb38a
.adform.net/ Name: uid
Value: 5694345856564226757
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y8BvZwALQt4IwwAp
.acuityplatform.com/ Name: auid
Value: 731205241210
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQml2MlqymGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUJpdjJaso90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.adsrvr.org/ Name: TDID
Value: df436db8-3b49-465e-b940-8484da107c77
.quantserve.com/ Name: d
Value: EOwBCwGEKPijAA
.quantserve.com/ Name: mc
Value: 63c06f67-44978-de311-2d5d4
.adgrx.com/ Name: ADGRX_UID
Value: da5260a6-92b8-11ed-b89e-3b17b4e5d009
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6795602408261108026&KRTB&23339-6795602408261108026
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-731205241210&KRTB&23428-731205241210
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-nVN3NK3aM&KRTB&23413-nVN3NK3aM
.w55c.net/ Name: wfivefivec
Value: VvYVkAPA1Pg4jJ5
.mathtag.com/ Name: uuid
Value: aa4763c0-6f67-4300-8c17-b9630f6bce3b
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-86493f29-7c1a-4fd1-56c9-4b6fbb2444c2.OxqkSVDaYLfOGja05RoMRVjfxFNHNFRAIfKzbondgJA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ahkk_KXwaT9FWyUtvuyREwpU4mbQ.CEGUxporrjezdwMbBcDftcDpV%2BZKFmGdJ9doLFuAIOg
.turn.com/ Name: uid
Value: 8381437226329219334
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y8BvZwALQt4IwwAp&KRTB&22978-Y8BvZwALQt4IwwAp&KRTB&23194-Y8BvZwALQt4IwwAp&KRTB&23209-Y8BvZwALQt4IwwAp
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-2d8c96bb-ba41-4bc2-b1dc-6b95365c33e7&KRTB&23340-2d8c96bb-ba41-4bc2-b1dc-6b95365c33e7
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:aa4763c0-6f67-4300-8c17-b9630f6bce3b&KRTB&16736-uid:aa4763c0-6f67-4300-8c17-b9630f6bce3b&KRTB&23019-uid:aa4763c0-6f67-4300-8c17-b9630f6bce3b&KRTB&23114-uid:aa4763c0-6f67-4300-8c17-b9630f6bce3b
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-hkk_KXwaT9FWyUtvuyREwpU4mbQ&KRTB&23334-hkk_KXwaT9FWyUtvuyREwpU4mbQ&KRTB&23417-hkk_KXwaT9FWyUtvuyREwpU4mbQ&KRTB&23426-hkk_KXwaT9FWyUtvuyREwpU4mbQ
.w55c.net/ Name: matchpubmatic
Value: 5
.bidr.io/ Name: bito
Value: AAClik7HgN8AACFqteByfQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.simpli.fi/ Name: suid
Value: 5A5EC7D90F4544D78896FBFD4F436DFB
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:VvYVkAPA1Pg4jJ5&KRTB&23421-uid:VvYVkAPA1Pg4jJ5
.amazon-adsystem.com/ Name: ad-id
Value: A7BbryimbkmmosNIvIWtZhw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-da5260a6-92b8-11ed-b89e-3b17b4e5d009&KRTB&23275-da5260a6-92b8-11ed-b89e-3b17b4e5d009
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 1f69cfcb-5080-4856-8b92-6b682c886a1b
beacon.lynx.cognitivlabs.com/ Name: ss
Value: WWRBl28r1yCz8mpE11zOt8h%2FriNcGoVXnOjUq0t7ZBS4DmScjhbzV1RvWIOSef1q7qYb5ZU7Sh5mM%2BPWhrBjxw%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-513PP-cImjj8Wpg25laBa7RdnT78XMg6tVrtjF6N&KRTB&19420-513PP-cImjj8Wpg25laBa7RdnT78XMg6tVrtjF6N&KRTB&22979-513PP-cImjj8Wpg25laBa7RdnT78XMg6tVrtjF6N&KRTB&23403-513PP-cImjj8Wpg25laBa7RdnT78XMg6tVrtjF6N
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8671c17f-0d43-41af-b210-58f9931566cd-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8381437226329219334&KRTB&23150-8381437226329219334
.tribalfusion.com/ Name: ANON_ID
Value: aInseFqkaHbBykt9ZbxaYHN4If1v9xck0Zd6wEBIaHdZaDGnu5cfBADs3XO4e7My6Mn03qSJWV32625vspLE4Ao
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:5A5EC7D90F4544D78896FBFD4F436DFB
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-df436db8-3b49-465e-b940-8484da107c77&KRTB&22918-df436db8-3b49-465e-b940-8484da107c77&KRTB&23031-df436db8-3b49-465e-b940-8484da107c77
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8671c17f-0d43-41af-b210-58f9931566cd-005%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHK1s1sjmCnwNCxzMiAAAAAAA&KRTB&22713-AAAHK1s1sjmCnwNCxzMiAAAAAAA&KRTB&22715-AAAHK1s1sjmCnwNCxzMiAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-8671c17f-0d43-41af-b210-58f9931566cd-005&KRTB&17107-RX-8671c17f-0d43-41af-b210-58f9931566cd-005
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5694345856564226757&KRTB&23263-5694345856564226757
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIYlt2Tx_5H5X7pJxMr8Okw&KRTB&16514-CAESEIYlt2Tx_5H5X7pJxMr8Okw&KRTB&23025-CAESEIYlt2Tx_5H5X7pJxMr8Okw&KRTB&23386-CAESEIYlt2Tx_5H5X7pJxMr8Okw
.ipredictive.com/ Name: cu
Value: e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a|1673555815534
.technoratimedia.com/ Name: tads_uid
Value: 6153D86B1EF143ABA4D52706CB324CEB
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230112203655+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAClik7HgN8AACFqteByfQ
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a&KRTB&23011-e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a&KRTB&23355-e54aacf0-62ef-4ee4-86c1-b09cfedd4f1a
.pippio.com/ Name: did
Value: RN_25p6nQPeF25jC
.pippio.com/ Name: didts
Value: 1673555815
.pippio.com/ Name: nnls
Value:
.sitescout.com/ Name: ssi
Value: 7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1#1673555815556
.bidswitch.net/ Name: tuuid
Value: f703e948-0ee8-4818-97bd-a78dabc49609
.bidswitch.net/ Name: c
Value: 1673555815
.bidswitch.net/ Name: tuuid_lu
Value: 1673555815
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&KRTB&23418-7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341&KRTB&23424-7cff76ae-6ec2-495c-a480-c7f3ba7ba4c1-63c06f67-4341
.pippio.com/ Name: pxrc
Value: COfegZ4GEgQIAhAAEgYI7OsBEAA=
.mxptint.net/ Name: mxpim
Value: R1B330_FC649F66_869084B9.1.000000000000000063C06F67
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B330_FC649F66_869084B9&KRTB&23092-R1B330_FC649F66_869084B9
.onaudience.com/ Name: cookie
Value: 7928dbadf52e6b44
.onaudience.com/ Name: done_redirects104
Value: 1
ads.avct.cloud/ Name: uuid
Value: 8aba8345-f6c5-4666-a801-899ad621686b
.linksynergy.com/ Name: rmuid
Value: 87fc90cd-a177-47ce-8aa2-0201f9a0cd7a
.linksynergy.com/ Name: icts
Value: 2023-01-12T20:36:55Z
.smartadserver.com/ Name: pid
Value: 3972935914184225792
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAClik7HgN8AACFqteByfQ
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: d8a9a62d490995c6f1e1e7e433bd7c61
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f703e948-0ee8-4818-97bd-a78dabc49609
.contextweb.com/ Name: V
Value: f0i8Xv1xkJJ0
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ibr|7dN.0.AAClik7HgN8AACFqteByfQ
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 86764d9219679c9a
.doubleclick.net/ Name: IDE
Value: AHWqTUnyFNAtVP1wO-m7WIEDWP420fo_6O5zNbNE_pPBpFtrLpdIU5DWSMs1V5PmFYI
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAClik7HgN8AACFqteByfQ
.onaudience.com/ Name: done_redirects252
Value: 1
.ntdeals.net/ Name: __gpi
Value: UID=000009e4e6cf4e36:T=1673555815:RT=1673555815:S=ALNI_Mbhm3BFPVCmzaHVqIW5vxDy0Ove9A
.360yield.com/ Name: tuuid
Value: f2198175-84ea-4119-999d-278ab29b1f63
.360yield.com/ Name: tuuid_lu
Value: 1673555816
.onaudience.com/ Name: done_redirects161
Value: 1
.casalemedia.com/ Name: CMID
Value: Y8BvaMNW0PM9kjBxTNi19gAA
.casalemedia.com/ Name: CMPS
Value: 3434
.casalemedia.com/ Name: CMPRO
Value: 3434
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>1HyB#p!@wnfH8K6pQK`!5=E<*L5?%K//grMK75aN8cy[$HiFpfFXLLp^A8d)5ei+E8%nugO%v4VB%nn:G*/U!p
.bidswitch.net/ Name: google_push
Value: AavPq0PplMDZ4HVTFzLD5h0ziz-5sjU80m5QmuYCQZu4bAyCkPVnVbiRWeJkx2T_mySp-gOoVIB17yxE1uc7IhsL8BnFK8h9WpgTOg
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A8173471346334862447
.ctnsnet.com/ Name: gid_CAESEJFsf1RlrEcF-uZH8K0-qFA
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 4_1673555814_1673555816
.onaudience.com/ Name: done_redirects109
Value: 1
.bluekai.com/ Name: bku
Value: 5RW99sCFyswH4sLj
.ntdeals.net/ Name: __gads
Value: ID=2a8158c2df8c8d2a-22c1f7846cda00e3:T=1673555815:RT=1673555817:S=ALNI_MYPMlKJTHKme5izI2P8GwY2DNesvA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&21f6c6ad-60e3-455e-85e0-6f72110ef402"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2934:u=1:x=1:i=1673555817:t=1673642217:v=2:sig=AQHWx5gg_L-1xjkrrrGfMgSOBGyEqjfc"
.teads.tv/ Name: tt_viewer
Value: c0a44239-03cd-4e80-bd58-2eb683f2cafc
.spotxchange.com/ Name: audience
Value: dbc0c9a6-92b8-11ed-b439-154f9acf0303
.owneriq.net/ Name: si
Value: Q7268422171981694997P
.owneriq.net/ Name: gguuid
Value: 1
.33across.com/ Name: 33x_ps
Value: u%3D212076927748114%3As1%3D1673555818067%3Ats%3D1673555818067
.demdex.net/ Name: demdex
Value: 12724224209254008112081856739833916890
.scotiabank.demdex.net/ Name: scotiabank
Value: 12724224209254008112081856739833916890
.uuidksinc.net/ Name: jcsuuid
Value: fPHhuCtLpQZTReUrxliB
.dyntrk.com/ Name: dyn_u
Value: 04030001_63c06f6a3e26f
ntdeals.net/ Name: _lr_retry_request
Value: true
ntdeals.net/ Name: _lr_env_src_ats
Value: false
.tynt.com/ Name: uid
Value: xQdjyWPAb2piFbxjE2tnuQ==
.sharethrough.com/ Name: stx_user_id
Value: dae58c09-9fdf-4870-a7e3-4047f34cb006
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.yieldmo.com/ Name: yieldmo_id
Value: g2373e658674511c2648%7C1673555818353%7C0%7C
.ntdeals.net/ Name: FCNEC
Value: %5B%5B%22AKsRol_BFxJo6iyrvS1JrtDhnH2v1U9Jj6vZ-0h3CmCTfrdAnGLvg-vaPSk82Y8zUbwss-UItduSSDmFdRjYOqk6iwor_lqTi_8uQa_GcxqVBivqVQfPPBPN-nMkZbKsdbDlb4XpvMp_7Ucgfhg6JU4LFYZJKpZw9w%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1673555818534
.tapad.com/ Name: TapAd_DID
Value: c3230169-53d8-44eb-aae6-f2c609f08947
.mookie1.com/ Name: id
Value: 10596969928044676171
.mookie1.com/ Name: mdata
Value: 1|10596969928044676171|1673555818575
.mookie1.com/ Name: ov
Value: c8b6f01b2ea1c7c5fe466dcd82db5c74
.lijit.com/ Name: ljt_reader
Value: F-c0jLZH9GZkM-XkRx-i0S_5
.openx.net/ Name: univ_id
Value: 537072971|df436db8-3b49-465e-b940-8484da107c77|1673555818702657
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818711%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818532%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818711%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818711%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818532%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818711%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818532%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818532%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818532%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818711%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818532%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1673555818711%7D%5D
.pubmatic.com/ Name: SyncRTB3
Value: 1674777600%3A35%7C1674086400%3A223_2_15_38%7C1676073600%3A224%7C1674345600%3A63%7C1674691200%3A176_7_243_239_238_8_234_56_104_22_5_96_240_54_13_231_214_204_178_220_55_21_3_166_250_81_249_165_48_71_233_99%7C1678665600%3A69
.rlcdn.com/ Name: pxrc
Value: COfegZ4GEgUI6AcQABIFCOhHEAASBgi46wEQAw==
.dotomi.com/ Name: DotomiTest
Value: 59b7995bb0d1887
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~29dw:199z~29dw:18yx~29dw:196y~29dw:18za~29dw:190u~29dw"
.criteo.com/ Name: uid
Value: 33e28126-461e-4478-be88-7d99f1db3bb6
.mookie1.com/ Name: syncdata_TAP
Value: 1
.3lift.com/ Name: tluid
Value: 4370361475358131527606
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY3MzU1NTgxNTU4NCwiMTciOjE2NzM1NTU4MTg0NjQsIjM5IjoxNjczNTU1ODE4ODg3LCI3IjoxNjczNTU1ODE4ODg3fQ
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.openx.net/ Name: pd
Value: v2|1673555818|g6mmiKbwuYvPwtvMvJeSgahEgKkWwrg2f8vuvRwikegy
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQ3MDA2NjQzBJJmhmbmlgZCfIa6QbnmIZWJ-eWZOdnlALmmxR4kAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQ3MDA2NjQzBJJmhmbmlgZCfIa6QbnmIZWJ-eWZOdnlALmmxR4kAAAA
.ntdeals.net/ Name: cto_bidid
Value: uFCbaV9yU1B2UGdYVjIwTzdzdmZNNHF6WGZwZXBQakw1TWQ5bWl4YUo3VzNPaklwTTJucmZhZUJjZkxIcVV5RHM0Vm9BM29acW9oT214SWV6Y3pDSHgwWWNwZyUzRCUzRA
.ctnsnet.com/ Name: cid
Value: 533ade05b1cc4c14b600cd688884aa38
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: pmc
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vFyGtoZm5sampqYWhhaWmyigWZb2QOALU3J5QgAAAA
.agkn.com/ Name: ab
Value: 0001%3A0zVJQWNz1k0Umqdk1H4Hi6HCQcgWTgno
.fiftyt.com/ Name: fifid
Value: 788f422e-bb17-4e3f-717b-d2e55d3be751
.fiftyt.com/ Name: cs
Value: MTY3MzU1NTgxOXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fGUCxhY0sBbJN5PGyiNMaWSPdrsuRVW9c9WNZShoSfjj
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7268422171981694997P&KRTB&22521-Q7268422171981694997P
ads.playground.xyz/ Name: connect.sid
Value: s%3AQ6iyq5i0WD5-Y5PSQVm-sNKbuIWWlLV5.LqU21VKoZu6CZPnpwiwqhZYb3GK%2BmnVGTf5EjNvuo%2FM
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMDEtMTJUMjA6MzY6NTYuNjEyODY2ODk4WiIsImFkeW91bGlrZSI6IjIwMjMtMDEtMTJUMjA6MzY6NTYuMjg0NjY3NjRaIiwiYXBwbmV4dXMiOiIyMDIzLTAxLTEyVDIwOjM2OjU2LjYxMjg2MDM5OVoiLCJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wMS0xMlQyMDozNjo1NC45MTM5Njg2MjJaIiwib25ldGFnIjoiMjAyMy0wMS0xMlQyMDozNjo1Ni42MTI4NzEzNTZaIiwicHVibWF0aWMiOiIyMDIzLTAxLTEyVDIwOjM2OjU0LjkxMjg4MDIxOFoiLCJyaWNoYXVkaWVuY2UiOiIyMDIzLTAxLTEyVDIwOjM2OjU2LjI4NDI1MjY0NloiLCJydWJpY29uIjoiMjAyMy0wMS0xMlQyMDozNjo1NC45MTMzMzU2NFoiLCJzb3ZybiI6IjIwMjMtMDEtMTJUMjA6MzY6NTYuMjg1MjQ4OTg1WiJ9LCJ1aWRzIjp7IjMzYWNyb3NzIjp7InVpZCI6IjIxMjA3NjkyNzc0ODExNCIsImV4cGlyZXMiOiIyMDIzLTAzLTEzVDIwOjM2OjU5LjAxNjE0NDUwNloifSwiYWRhZ2lvIjp7InVpZCI6IjhhYWJmMWMyLTM5MzktNDYyNi1hNzRlLTZkMDcwMDQ0M2ViOSIsImV4cGlyZXMiOiIyMDIzLTAzLTEzVDIwOjM2OjU0LjgzNTQ0MDQwN1oifSwiYWR5b3VsaWtlIjp7InVpZCI6IjMyMzc0ODFhOGE5ZmQ0MDQ4MWM0ZGJkZTEyYTRhNTRkIiwiZXhwaXJlcyI6IjIwMjMtMDMtMTNUMjA6MzY6NTcuOTAzNzI1Nzk3WiJ9LCJhcHBuZXh1cyI6eyJ1aWQiOiI2Nzk1NjAyNDA4MjYxMTA4MDI2IiwiZXhwaXJlcyI6IjIwMjMtMDMtMTNUMjA6MzY6NTcuNzY5MTAxMTU3WiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiJmMjE5ODE3NS04NGVhLTQxMTktOTk5ZC0yNzhhYjI5YjFmNjMiLCJleHBpcmVzIjoiMjAyMy0wMy0xM1QyMDozNjo1Ni43MjAyNDIyOTFaIn0sImluZGV4ZXhjaGFuZ2UiOnsidWlkIjoiWThCdmFNTlcwUE05a2pCeFROaTE5Z0FBRFdvQUFBQUIiLCJleHBpcmVzIjoiMjAyMy0wMy0xM1QyMDozNjo1Ny4yNTcyNzEyNDdaIn0sInB1Ym1hdGljIjp7InVpZCI6IkM2Nzc4RDlDLTAyNDMtNDkzOS1BMjAyLUJFRTcxNEMwRjZBRCIsImV4cGlyZXMiOiIyMDIzLTAzLTEzVDIwOjM2OjU1LjI3NzcxOTE2NVoifSwicnViaWNvbiI6eyJ1aWQiOiJMQ1RKWDc3Qi00LTg2WFgiLCJleHBpcmVzIjoiMjAyMy0wMy0xM1QyMDozNjo1Ny40MjcyNTExNDFaIn19LCJiZGF5IjoiMjAyMy0wMS0xMlQyMDozNjo1NC44MzUxMjA5MjRaIn0=
io.narrative.io/ Name: io.narrative.guid.v2
Value: dc9148a0-92b8-11ed-a2b2-0ecbf2332f6f
.semasio.net/ Name: SEUNCY
Value: C8E6F8FFE61A6733
.rlcdn.com/ Name: rlas3
Value: NEUZG/GDGAZZoPw6rz4CKx4YPaAvEKs5CwYYrTKYbhU=
.liadm.com/ Name: lidid
Value: 537d2961-544d-4cbe-baa4-cad38e722746
.mookie1.com/ Name: syncdata_NEU
Value: 1
.fiftyt.com/ Name: fppm
Value: 20230112203659
.inmobi.com/ Name: idsp_c
Value: 8d07f92e-aa3e-4424-b806-ec4ffa4f8fbe
.bluekai.com/ Name: bkdc
Value: phx
.ntdeals.net/ Name: cto_bundle
Value: K0w6DV9NOWVvS2lDJTJGVVFmeVA2OWk4WTMlMkZNMG1SbE9GbkVpWUpTSXBRJTJCQkMxNzczWTRkSWlKaTh0ZDY4amQwVU5rcHRjcWZQdWszdGRhdFhpN2lJeEJjb29kWnA4RXkzekIxMDVUa3Z2dnF0WmZNbnN6ZjB0RmlLVzVlb0pUY2RVbEFDdTFsMEFWZUx5dlZHJTJGM0lFSWV6dWllUSUzRCUzRA
.csync.loopme.me/ Name: viewer_token
Value: fb26cbc3-024c-460b-a81e-8916069348ad
.adsby.bidtheatre.com/ Name: __kuid
Value: cac20aa3-2990-44e5-8d75-ce027a74e9fa.442769819
.prebid.a-mo.net/ Name: _sv3_bid_switch
Value: 1
.id5-sync.com/ Name: id5
Value: 0ff9d708-915b-72bf-8620-1ec9e4e58510#1673555819283#1
.c.appier.net/ Name: _auid
Value: uHq78N1QAxWlpkMRa2_AYw
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-uHq78N1QAxWlpkMRa2_AYw
.pubmatic.com/ Name: PugT
Value: 1673555818
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bHtXDAG3PW0hO1WuCoMxA8a+JUixCbOKdoPwGMehPqQoj0F8P7TyA08k98igzwrIxK4+2uykD6Fn/ANjKiRLRc6L+7sV8Co/dHS3iLUirbV3Q==
.pubmatic.com/ Name: SPugT
Value: 1673555820
.pubmatic.com/ Name: DPSync3
Value: 1674086400%3A248_252_253_164%7C1674691200%3A201_197_221_226_245_228_236_219
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 159234:4
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiWh_Tt2Lm6OxAFEhYKB3J1Ymljb24SCwjirqr-2Lm6OxAFEhUKBmdvb2dsZRILCNb1oonZubo7EAUSFAoFdGFwYWQSCwj2w7-r2bm6OxAFGAEgASgCMgsI9rvC2O-5ujsQBTgBWgV0YXBhZGAC
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1673577421861
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!308

6 Console Messages

Source Level URL
Text
security warning URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security error URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3221102593' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
security error URL: https://0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=179449123&d_campaign=25684979&d_placement=301716233&d_site=3375178&d_aid=6105106&d_bust=3033174626' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
javascript error URL: https://ntdeals.net/us-store/category/nsfw
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://ntdeals.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=2173
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEA4Rl8BxtdVHzyRJMJhlvf4&google_cver=1&google_push=AavPq0PSerMaXOLhmOmCv00ct0hbd4F6z6O8amw5iKvr05v59AjIgl_RPs-KKO5LZ2tVBsbvJqhx_UcgVcYkNeROzVYXtjOAAdkL9A
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
33across-match.dotomi.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
api.rlcdn.com
assets.nintendo.com
ats.rlcdn.com
aud.pubmatic.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
btlr.sharethrough.com
c.us1.dyntrk.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.ntdeals.net
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms.analytics.yahoo.com
cms.quantserve.com
core.iprom.net
cs.chocolateplatform.com
csync.loopme.me
d.turn.com
d1oykxszdrgjgl.cloudfront.net
de.tynt.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb.vntsm.com
hb.vntsm.io
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
io.narrative.io
ipac.ctnsnet.com
ius.ctnsnet.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mweb.ck.inmobi.com
ntdeals.net
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
scotiabank.demdex.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.bluekai.com
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
u.4dex.io
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
venatusmedia-d.openx.net
visitor.fiftyt.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
0e5f3431ce82382cd6a0243e8311aafb.safeframe.googlesyndication.com
api.rlcdn.com
cs.chocolateplatform.com
104.105.42.146
104.18.33.19
104.36.115.111
104.36.115.113
104.45.178.220
104.66.251.81
107.178.246.49
107.178.254.65
107.22.187.94
108.138.128.101
13.225.214.50
13.35.93.28
141.94.171.215
141.95.98.65
142.250.65.162
142.251.41.2
145.40.89.200
15.235.43.119
150.136.156.92
151.101.193.108
151.101.194.49
151.139.128.10
157.90.211.246
159.65.197.210
162.19.138.119
162.248.18.10
162.248.18.34
162.248.18.37
169.197.150.7
172.104.70.67
172.64.151.162
172.64.154.237
173.231.178.77
174.137.133.49
18.205.173.16
184.73.36.82
185.167.164.43
185.255.84.152
192.35.249.138
192.40.39.223
195.244.31.10
195.5.165.20
198.148.27.140
199.127.204.171
199.187.193.193
199.38.167.130
2001:4860:4802:36::181
204.2.255.233
207.198.113.88
23.0.196.34
23.105.14.96
23.78.168.242
2600:1901:0:8344::
2600:1f18:4e9:5a02:fb02:cd4a:2ecf:b315
2600:1f18:612b:4264:e300:4af3:2fab:c142
2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c
2600:9000:2512:5c00:0:1651:6140:21
2602:803:c002:200::42
2606:4700:10::6816:2f8e
2606:4700:20::681a:246
2606:4700:20::681a:9a9
2606:4700::6812:19ad
2606:4700::6812:372
2606:ae80:1451:22::730
2607:f8b0:4004:c08::9c
2607:f8b0:4006:807::2008
2607:f8b0:4006:808::2002
2607:f8b0:4006:808::2003
2607:f8b0:4006:809::200a
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2006
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::2003
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::2001
2607:f8b0:4006:823::2004
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2a04:4e42:400::614
3.218.77.41
3.218.90.66
3.222.96.203
3.92.100.173
31.220.27.134
34.102.163.6
34.102.253.54
34.117.239.71
34.149.40.38
34.171.234.26
34.200.16.206
34.206.164.61
34.236.83.94
34.95.69.49
34.98.67.3
35.186.193.173
35.186.253.211
35.190.60.146
35.190.90.30
35.201.96.126
35.211.178.172
35.214.223.115
35.244.159.8
35.71.131.137
35.71.139.29
37.157.3.28
44.201.217.92
44.205.120.122
5.161.47.120
50.16.197.56
50.57.31.206
51.222.39.185
52.3.185.245
52.31.12.122
52.46.143.56
52.72.175.129
52.85.61.12
52.87.25.51
52.94.222.140
54.161.176.201
54.175.24.238
54.187.41.104
54.221.123.214
54.237.196.214
63.251.86.51
67.202.105.23
67.202.105.31
68.67.160.132
68.67.160.186
69.173.151.100
69.192.109.53
69.90.254.78
74.119.119.139
74.119.119.150
74.121.140.14
76.13.32.147
8.28.7.83
8.28.7.84
8.39.36.141
8.43.72.98
96.7.65.215
00e681fdb1daf6c445f4f763203ddc366f28dc35a8afe3f472d73cc679130c59
0210de380dad706e1ddfbdbcf166f83195874b9aec4ee9657aa1fa0133b4a991
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04279e10a9562cb187f99d1fdab407bd98e5f9cde72111cb0ce4e841d2bcae60
05e73c7efaa3e6a78deb12fe359186cbed511d8df4c247f1a81cdcecd874edb9
05f66b5cbf84f005f89ddf99a32286c928708ea38f6135c0d38552b6b79ac0d6
07528a33d0d0685761da5e15d26b30b81be1dcf80a2be9fa87ecdeb559f14f20
08236304df812e92e1317231184929c0faf9f8a321e95b7729e4dcf3d67d3d0c
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b02405345d4d6ed6bc3400930529a1b54e55ec641695bef1eb661ef509d80fd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f56c7ec5b28bc17be84d4fc7a853227ff53cee33be098dd57b8c3a1fcba84da
109c3c5bd310f3e4fb0c01c4bbd5510b241d7e0e4db27cbd8732744dbae777b9
10c706503e230ab828d5264a02ae9685ff8534cdc4a82ad00d070d88160933b7
10ff6e2736cee93d6d3272e94b6f7c8bddaa703a3b06f63b9e546c3513998d65
11571f3fd51e4adbad516043297c9eeade058cb48dc211e744f13baad27ff93d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
173e8a1cf97328cccad8380a0373ea46dfc9a3682abf24f933cca60625bb1545
17edd6145b71440c1e5b39cf1f0cfba2ee4a51ca70b0292a29eedb352d202312
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f32d417c62c6dcd776b270d952ce1db3e12f1a68bb26bc6e50f41849ce7a91e
1f84bbf3a1777392fc641049e353e8ef042ee137531438573414d21d73fe9186
1fa569e6bca289708deb07a240157e526d352df6ca9daea839a6e0a3653e195b
201bd0993558825eebc7d6ec7024c006ef526d18c02614542f48f4675454b0ea
2037b9380a5c4b49f85975e21ef6bf60ea773bb6cf0df8a6a8dd5ff58bf112e2
20409fb72442059ad0850842dc7de09efc04b1b225c7adc5ef6301f585ee7547
227226d2d40b72e69e9603ca676ce7b8c7f4f83058bce4c4af126ba3eb8f6f4a
22c50e078658d2d19f69fb706d03d2016a1499b020355f6b5e8005cc7ffd317b
22f6d597a4c3eb3e142c05d2b719573df8c0412ee0b5989b9f87662436c8355b
22ff88d2cc7602adca5e98f1f9ff71afb48f7bae4e4f2e0c84209a7566417b07
23ae59acaccceedcddd27d83ec079e1ff5b50f9859a2235640255cb5357cc790
23ef52bed74b2945591eaff074cd13c678a6113e0a8ecdd16bdefd7e53c1e130
25ed1ed8f5a4adc6b9194a82721ba6d1fb5c1eb4f9acb9064888a2aa039a23ca
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bcdb3ec02e7c97412562c66dd458bede4295c79b0719a655ea49d303832554d
2c003703a07bac02b8e42b49562a2cdb95b9b68ef4bd669b6c9c7e9919f7dbe7
2c47a34a61516246dcd755ffdac2ed3df54c42b2a6419dd628ec1fb861835edd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e077f07d43b0caf46c77e7dce73aca2622f703b6df907ec9086b781fae587cf
2ec05c104f43d239808b1585b0f00a9349c64dfcb24dee9fdb01d845d48a0593
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f95e6b480b25d296ff79287ad3db5d2bc297574529d704b5c472be174f74d97
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3482b0f58986bb2a21b25f19b026bf2119f40847375fa106b86e2ee879739f83
35b6e8c8e4b89536df8fed1101aca642736dd3d06a9ae062b42773c7bb50f5f6
35c610c18037de87d1f2ff6bb3776d51d684a598ab6e5a5df5d74f15f68dc702
362732e65c29b9b8d85398262ea42f2e021e181582536f5e1c0959bc4e4352fa
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38a22a966e9ad9ea25bb216937c89ef411257bb740485269f64dc479b460a07d
394b86857818dcb04e2902bc214acc06961eb16db11d6bd1ceecf3842f376af2
3b909abe758405d5abfe5a01f2c319ce1ef4211d880559f0887df082942a425c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd9eabfe480f5c4de32008a9523e97d2822d74326d515691d7f70c5189d0ca9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f65c5715750c282cf482388402578c9065b246418d441babbdaad1e39a7375
4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284
42ec4b3e6b24caa338f574abe2cb683afa92895d62ec3f410bd457adf3cdfad1
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
461d3765135aab9f963807e46541b58a3c4b8e8a9111c036f70d63a8c4a30fce
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476aa2d7a84da45c9e8a0f13641016a5c8085f65ba2b7fce32e03fde1c95c3e1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da6d1cebb17eb10c2ddf35c5e4de57151d391b57f121048d8192bb5606c2a2e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f8dc1bcc58f4aa963546cb9eb8cc66c58cde616185749385ac1e8408299f056
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515563c93d8f56d0cb8e18cb4a1ee55aca2543f8f78822d96f479ca7f8c991f6
52b4629284d19524bcd23aeb739f07b4088581ce852004b8b763d5f74da26dca
55772ce46fd6bfaf9f52883fd3446e205f8f40f56d2d1221d145369f7fc04064
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56af375523d1ffb3f33e991a5668daec243766eb81c59f2952c95d078ad13c01
56bb5a6395b01de09987789f3cfb48d3856cf8644cbf692a03a4c32aa1fa4afd
56f9e28b8826b4592b202454ecf0fcac10f8bf6d5335de79102ede607cfef5f8
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
5ae45116e43190032bbeaedf5bf24980f6f838ff6650d1bb8da0103a94f22dc7
5b53a7c3682a61b7273e3f764633e527d5041cb33c4666707ab357d893226b59
5e95ff8c97512f62fbe14b834a15effcdbb9f889a587ab62f4d0411adf667948
600549da4b913b7bc87c29ace7cdb71ab18af1450edde0fc65b72e60a64aff84
611b4f822458cafc176aed8ea7700c5bc61b240970ddf487114a195745b72cd7
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6211618d5a40732adcffc6170ab268effcd23d2bdb52e4bb63f21beb0d502a61
6369615e86fa496df0947913f3125895bf37873f64b984cdb2b4018593454c75
63c61eb0827bf543a36e91a065822e9037160c953f3674e37448298eeb439151
64e7b9419ef130ab107ec8067bffaa6fddc8109bcb21e17e987e706c2dd248cc
669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67
67ceb97caf06aadcd3994b00e2b9d22e0f5b4dc405e5127cef728c5c7f7fbf1c
6874ae9768713bc153ca59dbb900d5b69e3169878b19a386aa53468beac8e531
68c90259bcc6c9f8ce8e61bda3b98b353e807dbb1a831df691c7c16b713a783e
6a0f81b6e13a4c342c4fec24fb53750ac9b942fe3d891c515eeb09669443d83b
6a3117beda6f7e887ba00469f0cbf5c88e6458e41d005d952d8dd61027e00912
6a596ab5527384287bbf13a19ecd5b1ebd4f00778a2658d3f0ea0f487fcfcde3
6a78bab0d488df72eca38980f3e77ea4e55ba40860b93213971a3326fc8c45a7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c032ba7289a6560a84b6808a56b01fa01574017ad33b0981bb77600f48765ab
6c1dcc2fcdd4634fe8c4f9eb30ecaa6c944b039daa4261641419bbbef3adea7c
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
71027d64ceb49192efada89c7a9cf3e4987fc90c3a4e02edbc95ed20f9108cc1
713c6acd109fd24ddfb7b285383b0e9e5cfdb4c8d0211561f25bb296fe8e3879
7274f4c74c548cbc43a3fce5f87631a43bd64b707186c559482a540977c995e8
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b7d742e499d199463ae370ed7092eb1c077d6f5964a7eef556a129bb2794e8
72d65da2bd3d7db6a0776801af62663ff9ab941a8cdb6a58974a8f002cc36c35
73a9abace04b299113616f5eb0e1922d3a32b16b22f86ad48da080107d8b6c53
73a9e8c3f157a8ea8c7d393c63d47861a89bbc9b0f3fa525f51425084d584261
73f53ebc8d6267d938335fad203e7618164714d4e6568a57bc144d65f626d6f9
7419fe4ddfda61b50f08b51e66acc116aa7d6dbb8366aa606e7e3092f9f6e504
74df4908545bccf208a577926579ec97b600ddfff04826072eaac353d796e085
79c4089dd8b8a56d737ce6c84eaa86b5d948c3d9f08c0ebfda9f8d16ba9a3941
7b1ca48c8a81c3cdfafc2cb276206ba1fe5fcf6a63636316ebbe3fb5a935e6de
7b542ebfbfecfcdb14d099c9c8375bcb62d787e71ce17a01624186f26fbae8b4
7b78cd63c8bd4d81ce3262856c2d9d5fe7b3ffaea537ea038a7426f657b9df43
7d505857e80401c2e790dc37f248010d6d560939d1266a4ab25c8da4d6c9551e
7e5707941c0a5b7ec59a8e649930656f33ddc7dc3eef9dc00d3f08fce28ef93e
7e7309650868663bad5ffb3de950665eb9dc8b6ac5b68759ca57cf6c12d848c1
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
81fbeec1cb6f6bdc7f8ef5bf619a04c1e4d25d5ebbf2aa19d9fc37ff9b909396
823297171319da0a489f780895bda275d75f977c661dafe345d54198d781f265
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833ccb96c82008cec3fbee08b6983dd83909c2618e50ee2f6453c78deecf215e
841b24b6c5244cac344b14f615297898a75e17e40ce9c6c882b0fed8f89c8798
861ba4f310c188b9f4fc930bcfe1eda29cb73f6e7b18dbf79eb71ef46d5fe37c
868316285fd667c5bdeb213c796d76bcb4db143004b20aded8f6f6f96d5b48e6
887968ced83e0d2d8a07993f4d1bcca15d9d1786a15c20ee915f28029f7745fa
88bb62ab8413ef70017838e25737e466173fd27636bbd11c8b2520efb4267ac1
8b6bdf3366476afdbfd97ac77bb8f60502816fda17eaf8db7fb13f425a10403a
8c9fba713be2ea7e35b6e266736a713c00328d61759e401890794831b6db525e
8e29b5ac75c23335b5c7ec919b03f31a392111a385d5662e88876aa202a9d436
8e89d6c18dff9155be6cb340d81a43a87c5f4331e827fd046a9692da403e68bd
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
8f13db4b215835beb56fcab22b7d6e02abca56a62e517d6fb50d3f8109cba376
8f1987b77d326ae73f98cb278f166b064425dd38f5afdcc5f1bb4f49ba1ea54a
8ff9984e0c22e994ba9e18075b769baef53ab32d60bb33c327d7ae275acd61f8
913dc8af1d222561c09e107c8610a5f0166e663b3c119a79889f37f5597f0648
93a7296c64bab9cea88cf627a04abca75eea8286c96b185aa3b3e8d26890591f
962073cf06c6c9ef8d8bd2073ee16c0e6ae2298dd9dd491177182d0d7588a908
9798839211a3636fbf4b821f83bf4be56cb190be543dad8632b215a1b7b02f5b
97e2e3d7f578f8034153ffdb9429bce5e06ed2a8e7f12f8fd31870b2a5fbbe1c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6bfebea917f08deba04b6637efcaca96e05a3166b71f92ec7219152d5d253f
9d47247991d3e22b0adcdf63c581e07ef084cd52f342a7e4ca0e492e8c064b3f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ee130c21e03f08b413eafe6e53b9798fc637195b9dc5e24201348ce19c36ff5
a0359319be6c3e5b8ff3dd10965ba14fb1504671f602c58f9cf0e443ec9a9c0c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a088f976a6a0a44d164331db202c0d22ae2d6cd681345c33ae2724b47a8431dd
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a33693b6728570e7f62eaf833a21f3b435d21822f2c78d970c14ceae112fd206
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ac622d38ff7386ff10f9d4fdf98898e1c1b08963329333177455579c8e0acc
a7a182a2889bcf2c0002baaca1ec079dce09ec19bd5c7800651a2e9d100b0632
a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8e9f7c66d3a7f928c706e4e56bce81e4398cf025f62df83ff49c1419104d87b
aa23dba484378fb62789c25a426be03ac3174765ffe94a0ec667d094c755de45
acecf7a5e2cf3c138368f1028b7bd72fbc948456e2819e315e47cdb282651282
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae85ada9cfd84fe4c669b94404ed6209e989e4f68945db57c1e2820c33a18c63
ae941e6c06daea098fee308d08f6d8a3f4b967b2e4273497e4722ca9a358945a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57654fc6addbe0f8be824f16a8c441684a44035f9d479ab2d4a27211ea4188c
b695d3cf843aa069b53f43ab5dc721943da2a366884af11a6ff1899d48e027c3
b7c2d9d533107b9af723f3eeacd75c1503c5bc25e567712b9a382dcbda112f96
b88fc8ac7ea815602271a41080cb64b4bb8ac1a1bd984c24a66b70f4da060550
b9ab3e93e548faceb7ab2dff70324e77efa5ddc9fbb53eb9228710622c569f4c
b9f8426ffb62c5e57a6a324322bef16c4f64bcc6624b5b33a42ee89d2982539c
ba69f749254ca9bfe7bc469d575644646b7fd4a456481a048d882e98d4b2e68a
bb56debcdc7328352e7009a0f29997211392e3ce4d344b49e184fc3b878b308d
bbd68abb7408d409f50e0ddf8a34e7b709876b8143d76ffd31576482a691c936
bd142af183857a6125f0298689da21484d28743442be20a399e13f8e96b3f889
bdc47f614cc6c097a54c3f84ae1f9d3fd4ef8bd4860a197c6ce2d29371fa4845
bde1a86ecba3297dd3584c4af191b993be29cfb6350ce63c5870e7f9da30a88b
be052c2daee754a589deeb0d29b5fcf6067fda6bacd16c84f99d2dd1da96784a
bea67b4ac031596589ff0e90093f7f853da5d1609daf24599b321c3d61a4cc75
bf68aba0ee8fc71deae4a2d3a52280fccb613da0a2cd7c2f83ee5445053dfe27
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c422da34f22243506564af47c214fd7e819acf1839dadf47441dd3ba39abd6bd
c461ff90a396b258ae4a9ae5707588aeb2af074537683ce3fba9de5160dd62f9
c51488e62c69a64678cd7ae6369c19a7c912a52a9c7877d997844d34bfc4f9b2
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
c593e33f1f123ec64d478409423dc6f494cb92e657db1cde304003a8f6f87e86
c6f465ac6e2d83d0d3c0ee76f492a21035ac0cd2deb9b0df3571d9d07201b828
c6ff6101ca068b82238438a842f953d4e21c33076913fa5d6e8f6489a3c26eb7
c7973d60074cd40519e027a693a9195e49b5d194ad335ff13610c3dd04ba1d62
c7a253af6fe7ba13f22185774e803b6f7375eb9c7ce46a604eb1bf0fb4ad6fa3
c84af3b2e049778bd7e4e7015dfb48f40457e4c7fbbc09caa005ef5aa13e4cd4
c87f34a185844c98fb99d6d2eac5a0248c0fcc38c956ed3508ae047cb190678a
c88dcba433bd2b02994481a5fda010aa8f717c1a6cdf64299a332cb2f8b82e5b
c891b903dbc2d45c67f6db4209a0a663bdef3ab067eab8c11e1949a642c01e41
c8dc716613268894c1b99a55f3d92462e60595ff3c1218c9d96d6277587eb699
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9f587a6bfc7f679437ceac342f8fa2ac30ee91a7af0772ecafca246fd04b921
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc1c9325899865cac362ceb3ef94a9f849a084151bcd5ee8e7a61c6f7a15b4b5
ccc38b8fec828c4f0db8a5241741260089560610824d161671f331854b93cc1f
cd6a56b0eedf2164ea26d50232cfe5f664b996fcdd0332c02d6fd9b683524886
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d1ca6f5ab9af057479d8c04887b3b072794f7d703b71c84251865bf830a08bc8
d2dce6ad4eb0a26d1309d112249d3cacd3d0b00d2c8bd1da58cbeeba371d2346
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
d59eb87bfbf978be8572a1c8cc7cf017645bf6538fece8c0760c690e1245ee35
d6ac2354bea6ca977f55564e16567b873cf85b6da608b313948f5e5d2d7523ab
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9bcdd72fa5c62e032dfa12ed7ef239863ff15dffe8e87462441d79a68a69cd0
db30143f1c2b83ead5e6daf51323589300e7854d7f78c09eeff66365e1b9e584
dd1eb20bd3af11c55034b224e05afa9b9d5ffece0a0eeb6457f2d17cebe88093
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb16d1c0468d1d4a9bdce34611a6abc10ba8616975a687dc8fa70eb120c34b2
dfdc131f824b1ae5d563ef8b06b7642d42c3607d213b74ad72033984889bc1b4
e0895d253627a1d68cbd5a7c905b3b91760943c8d613544293d4fba1f16241c0
e1473fbc3e9521e6eac81ce245b8eb07588acdeaafd89e78cd26b1185a60f6bc
e342a1098ee58e3a90450252944873223e31164cf523a118970837d28ea99caf
e3811302dec9cedfe06b861e4b204ac93f1747adec27a30c09ccbb3d8d919396
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e45f098abc00b84ed7affc3b656104a67762dcacb125e16b6ce3d2d0c485e6ff
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d188964bef755f9e8e2d41d114fcb23d3d695224683166af63c63cfd4ab941
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e814cb8be95a08e7e11e8069723410678cdb023dca270a876bce9cbdded424c8
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb2a1a8193721d57b0b3dccb36c4c65bd079eed582855261b3b1801046b1c29c
ec4323cc1965b37380d512f16d28517d7ab36294ea87b5129ff9dc75197fda4a
ecc4205eea74aa9c021f4372f0af1912e7e68e23ddef7febd7482e2c2e0afc47
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1123fb1f32516a5fcc033f95d32f6aaf0fedc95dfa47fa699a17b79470c126
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4552d692dfbeff75f419473d418160cab77f5d5df75e0eb71677a103d521b60
f4980b4465c10e41a375ace342bdf82c91d73faaa7029c71c279fc188cd85ef6
f4cbc003e83946002ce9791bb7d9cf2ed505207dc7e5e786919d726c0c357736
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f51d01b579c673ebad56e6adad52df632ad00c766060980718c06b6c76a23fc1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f618c253623c3a2d0fee0d2427f1ac8b10c1927ab9a6d1f91d710a2ce0e07a7e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9600e61184bf4d3e0953d492e8fceaaaada4055d8f49bb2e71ff88fec2f4ee3
fc62f01a9a000691ec8548fee72ffd99e066d8951ff376a6bbdac1685fb74a25
fc7f90033595967517f150decb32769bdf652cd7827c34cca03547a6e4a6e5b4
fd3562eba8add5cce59c21ef0307489522a7ee3a0dd63599b9b16a282d64664b
fdef3705c7951ad3cbe8ee801c2da8128f30453c86b7fa48e4f01e31729f5fd1