urlscan.io logo urlscan.io
SecurityTrails logo

shrinke.me Open in urlscan Pro
2606:4700:3035::6815:5a17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://shrinkme.io/Lx6EqkS
Effective URL: https://shrinke.me/Lx6EqkS
Submission Tags: falconsandbox
Submission: On June 13 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 11 countries across 86 domains to perform 398 HTTP transactions. The main IP is 2606:4700:3035::6815:5a17, located in United States and belongs to CLOUDFLARENET, US. The main domain is shrinke.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time shrinke.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 11 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.32.11.177 16509 (AMAZON-02)
3 192.243.59.12 39572 (ADVANCEDH...)
1 146.59.211.253 16276 (OVH)
1 151.101.112.193 54113 (FASTLY)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 34.196.151.230 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 52.34.145.6 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 37.252.172.37 29990 (ASN-APPNEX)
7 178.250.2.131 44788 (ASN-CRITE...)
3 103.132.192.30 138552 (RTBHOUSE-...)
4 136.144.59.88 54825 (PACKET)
4 88 2606:4700:20:... 13335 (CLOUDFLAR...)
3 7 46.249.52.249 50673 (SERVERIUS-AS)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 2.18.233.180 16625 (AKAMAI-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
46 50 185.33.221.90 29990 (ASN-APPNEX)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 5 2a02:2638:1::13 44788 (ASN-CRITE...)
4 178.250.2.146 44788 (ASN-CRITE...)
2 8.241.88.249 3356 (LEVEL3)
21 104.18.16.65 13335 (CLOUDFLAR...)
6 2a02:2638::3 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
3 104.19.133.80 13335 (CLOUDFLAR...)
2 51.75.146.199 16276 (OVH)
2 5 52.48.248.240 16509 (AMAZON-02)
4 14 13.248.242.197 16509 (AMAZON-02)
1 185.184.8.65 204995 (RTB-HOUSE...)
2 151.101.13.108 54113 (FASTLY)
2 185.64.190.78 62713 (AS-PUBMATIC)
3 4 37.157.6.241 198622 (ADFORM)
1 213.155.156.166 1299 (TELIANET ...)
1 1 178.250.2.151 44788 (ASN-CRITE...)
14 185.64.189.110 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
5 5 52.49.238.187 16509 (AMAZON-02)
25 25 172.217.16.130 15169 (GOOGLE)
1 185.86.139.114 201081 (SMARTADSE...)
3 3 213.19.147.45 26120 (RHYTHMONE)
1 1 162.55.6.212 24940 (HETZNER-AS)
1 1 188.165.137.78 16276 (OVH)
6 185.64.190.80 62713 (AS-PUBMATIC)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 173.231.180.197 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 151.101.13.44 54113 (FASTLY)
1 199.232.137.44 54113 (FASTLY)
3 3 185.29.135.226 30419 (MEDIAMATH...)
2 185.64.190.81 62713 (AS-PUBMATIC)
3 3 146.59.148.16 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 169.50.137.190 36351 (SOFTLAYER)
2 2a00:1288:110... 34010 (YAHOO-IRD)
21 21 3.126.56.137 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 3 151.101.114.49 54113 (FASTLY)
3 3 3.124.46.162 16509 (AMAZON-02)
1 1 51.68.39.188 16276 (OVH)
2 2 2001:678:cb4:... 56396 (TURN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 178.62.202.251 14061 (DIGITALOC...)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 185.33.221.91 29990 (ASN-APPNEX)
1 1 52.18.52.16 16509 (AMAZON-02)
7 46.249.52.248 50673 (SERVERIUS-AS)
2 2 2a00:7c80:0:1... 49981 (WORLDSTREAM)
16 178.162.133.149 60781 (LEASEWEB-...)
16 16 88.212.252.2 7979 (SERVERS-COM)
8 8 88.214.206.142 46636 (NATCOWEB)
16 57 2.18.234.21 16625 (AKAMAI-AS)
8 67.202.110.23 32748 (STEADFAST)
8 51.89.9.254 16276 (OVH)
4 4 34.231.105.138 14618 (AMAZON-AES)
8 8 216.52.2.48 29791 (VOXEL-DOT...)
8 8 3.126.63.176 16509 (AMAZON-02)
8 16 52.94.232.32 16509 (AMAZON-02)
2 2 185.183.112.148 60350 (VP)
3 3 54.236.220.178 14618 (AMAZON-AES)
3 3 52.57.110.162 16509 (AMAZON-02)
4 6 104.111.242.53 16625 (AKAMAI-AS)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 2 135.125.8.70 16276 (OVH)
3 52.4.236.19 14618 (AMAZON-AES)
3 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 34.249.79.128 16509 (AMAZON-02)
398 75
3    2606:4700:3032::ac43:d1fe (United States)

ASN13335 (CLOUDFLARENET, US)
shrinkme.io
8    2606:4700:3035::6815:5a17 (United States)

ASN13335 (CLOUDFLARENET, US)
shrinke.me
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
11    2606:4700:20::681a:fee (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
media.vlitag.com
stats.vlitag.com
1    13.32.11.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-11-177.vie50.r.cloudfront.net
d1r90st78epsag.cloudfront.net
3    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
praiserevision.com
1    146.59.211.253 (France)

ASN16276 (OVH, FR)
PTR: ip253.ip-146-59-211.eu
coccusadmanlob.com
1    151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
5    2606:4700:10::6816:3181 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adtrue.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    34.196.151.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-151-230.compute-1.amazonaws.com
leaderhistliness.info
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    52.34.145.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
exchange.adtrue.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs-simple.com
7    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
3    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
4    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
88    2606:4700:20::681a:24e (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
7    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
5    2606:4700:20::ac43:4597 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.vlitag.com
tag.vlitag.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.googlevideo.com
1    2a00:1450:4001:4e::b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r5---sn-4g5e6ney.googlevideo.com
13    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2606:4700:3038::6815:eb9b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adtrue.com
50    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    8.241.88.249 (United States)

ASN3356 (LEVEL3, US)
cdn.run-syndicate.com
21    104.18.16.65 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
cm.adskeeper.com
s-img.adskeeper.com
6    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    104.19.133.80 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adskeeper.co.uk
2    51.75.146.199 (France)

ASN16276 (OVH, FR)
id5-sync.com
5    52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
id.crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
14    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
2    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    213.155.156.166 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
14    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    52.49.238.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
25    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
1    185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
1    188.165.137.78 (France)

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu
green.erne.co
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
3    185.29.135.226 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: ns3181477.ip-146-59-148.eu
pixel.onaudience.com
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
21    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    3.124.46.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-46-162.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
1    52.18.52.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
7    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
sync.e-planning.net
u-ams02.e-planning.net
2    2a00:7c80:0:121::2 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
ufo.approximity.com
16    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
16    88.212.252.2 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
8    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
57    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
8    67.202.110.23 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-110.static.steadfastdns.net
ssc-cms.33across.com
8    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
4    34.231.105.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
8    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
8    3.126.63.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
16    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    54.236.220.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-220-178.compute-1.amazonaws.com
sync.extend.tv
3    52.57.110.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
6    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    135.125.8.70 (France)

ASN16276 (OVH, FR)
gu.dyntrk.com
3    52.4.236.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
3    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    34.249.79.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
Apex Domain
Subdomains		 Transfer
88 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
37 KB
57 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
62 KB
53 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
80 KB
39 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
271 KB
27 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
114 KB
23 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
19 KB
21 adskeeper.com
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
cm.adskeeper.com
s-img.adskeeper.com
278 KB
17 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
6 KB
16 amazon-adsystem.com
s.amazon-adsystem.com
8 KB
16 betweendigital.com
ads.betweendigital.com
7 KB
16 sonobi.com
sync.go.sonobi.com
8 KB
16 vlitag.com
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
media.vlitag.com
stats.vlitag.com
409 KB
14 adsrvr.org
match.adsrvr.org
5 KB
14 e-planning.net
ads.us.e-planning.net
sync.e-planning.net
u-ams02.e-planning.net
5 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
1 MB
9 adtrue.com
cdn.adtrue.com
exchange.adtrue.com
180 KB
8 advertising.com
pixel.advertising.com
3 KB
8 lijit.com
ap.lijit.com
4 KB
8 onetag-sys.com
onetag-sys.com
6 KB
8 33across.com
ssc-cms.33across.com
8 admanmedia.com
cs.admanmedia.com
3 KB
8 shrinke.me
shrinke.me
230 KB
6 owneriq.net
px.owneriq.net
2 KB
6 criteo.net
static.criteo.net
160 KB
6 google-analytics.com
www.google-analytics.com
38 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
3 KB
5 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
118 KB
4 advangelists.com
nep.advangelists.com
897 B
4 dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
663 B
4 adgrx.com
cm.adgrx.com
2 KB
4 adform.net
c1.adform.net
2 KB
4 a-mo.net
prebid.a-mo.net
1000 B
4 creativecdn.com
prebid-asia.creativecdn.com
prebid-eu.creativecdn.com
688 B
4 adnxs-simple.com
ib.adnxs-simple.com
3 KB
4 recaptcha.net
www.recaptcha.net
22 KB
3 adentifi.com
rtb.adentifi.com
264 B
3 w55c.net
pm.w55c.net
2 KB
3 extend.tv
sync.extend.tv
2 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 everesttech.net
sync-tm.everesttech.net
1001 B
3 onaudience.com
pixel.onaudience.com
1 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 adskeeper.co.uk
cdn.adskeeper.co.uk
4 KB
3 praiserevision.com
praiserevision.com
3 shrinkme.io
shrinkme.io
160 KB
2 dyntrk.com
gu.dyntrk.com
850 B
2 adotmob.com
sync.adotmob.com
1 KB
2 approximity.com
ufo.approximity.com
558 B
2 sitescout.com
pixel-sync.sitescout.com
636 B
2 turn.com
ad.turn.com
943 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
779 B
2 taboola.com
trc.taboola.com
match.taboola.com
653 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 id5-sync.com
id5-sync.com
1 KB
2 run-syndicate.com
cdn.run-syndicate.com
17 KB
2 cdn-adtrue.com
cdn-adtrue.com
2 KB
2 googlevideo.com
redirector.googlevideo.com
r5---sn-4g5e6ney.googlevideo.com
996 B
2 googletagmanager.com
www.googletagmanager.com
71 KB
1 demdex.net
dpm.demdex.net
1 rfihub.com
p.rfihub.com
777 B
1 gumgum.com
rtb.gumgum.com
336 B
1 playground.xyz
ads.playground.xyz
486 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 nrich.ai
dsp.nrich.ai
489 B
1 quantserve.com
pixel.quantserve.com
542 B
1 simpli.fi
um.simpli.fi
611 B
1 contextweb.com
bh.contextweb.com
462 B
1 ad4m.at
ad4m.at
1009 B
1 erne.co
green.erne.co
325 B
1 loopme.me
csync.loopme.me
212 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 smartadserver.com
rtb-csync.smartadserver.com
163 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 de17a.com
d5p.de17a.com
134 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 google.de
www.google.de
107 B
1 google.com
www.google.com
107 B
1 googletagservices.com
www.googletagservices.com
21 KB
1 leaderhistliness.info
leaderhistliness.info
21 KB
1 imgur.com
i.imgur.com
17 KB
1 coccusadmanlob.com
coccusadmanlob.com
1 cloudfront.net
d1r90st78epsag.cloudfront.net
94 KB
1 jquery.com
code.jquery.com
29 KB
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
398 86
Domain Requested by
80 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
50 ib.adnxs.com 46 redirects cdn.adtrue.com
ssum-sec.casalemedia.com
30 dsum-sec.casalemedia.com 8 redirects ssum-sec.casalemedia.com
25 cm.g.doubleclick.net 25 redirects
24 ssum-sec.casalemedia.com 8 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
21 ups.analytics.yahoo.com 21 redirects
16 s.amazon-adsystem.com 8 redirects ssum-sec.casalemedia.com
16 ads.betweendigital.com 16 redirects
16 sync.go.sonobi.com sync.quantumdex.io
14 simage2.pubmatic.com ads.pubmatic.com
14 match.adsrvr.org 4 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
13 ads.pubmatic.com shrinke.me
cdn.adtrue.com
ads.pubmatic.com
sync.quantumdex.io
8 pixel.advertising.com 8 redirects
8 ap.lijit.com 8 redirects
8 onetag-sys.com sync.quantumdex.io
8 ssc-cms.33across.com sync.quantumdex.io
8 cs.admanmedia.com 8 redirects
8 shrinke.me shrinke.me
7 ads.us.e-planning.net 3 redirects shrinke.me
assets.vlitag.com
7 bidder.criteo.com assets.vlitag.com
cdn.adtrue.com
static.criteo.net
7 fonts.gstatic.com fonts.googleapis.com
www.recaptcha.net
6 px.owneriq.net 4 redirects ssum-sec.casalemedia.com
6 image2.pubmatic.com ads.pubmatic.com
6 cm.adskeeper.com jsc.adskeeper.com
6 c.adskeeper.com jsc.adskeeper.com
shrinke.me
6 static.criteo.net cdn.adtrue.com
static.criteo.net
assets.vlitag.com
6 assets.vlitag.com tag.vlitag.com
shrinke.me
6 www.gstatic.com www.recaptcha.net
www.gstatic.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 sync.e-planning.net sync.quantumdex.io
5 match.prod.bidr.io 5 redirects
5 gum.criteo.com 2 redirects static.criteo.net
5 cdn.adtrue.com shrinke.me
exchange.adtrue.com
4 ms.quantumdex.io 4 redirects
4 nep.advangelists.com 4 redirects
4 cm.adgrx.com ads.pubmatic.com
ssum-sec.casalemedia.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 mug.criteo.com
4 useast.quantumdex.io assets.vlitag.com
4 prebid.a-mo.net assets.vlitag.com
4 ib.adnxs-simple.com assets.vlitag.com
4 exchange.adtrue.com shrinke.me
cdn.adtrue.com
4 tag.vlitag.com services.vlitag.com
tag.vlitag.com
4 www.recaptcha.net shrinke.me
www.gstatic.com
4 fonts.googleapis.com shrinke.me
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 casale-match.dotomi.com 3 redirects
3 rtb.adentifi.com ssum-sec.casalemedia.com
3 pm.w55c.net 3 redirects
3 sync.extend.tv 3 redirects
3 x.bidswitch.net 3 redirects
3 sync-tm.everesttech.net 2 redirects ssum-sec.casalemedia.com
3 pixel.onaudience.com 3 redirects
3 sync.mathtag.com 3 redirects
3 s-img.adskeeper.com shrinke.me
3 servicer.adskeeper.com jsc.adskeeper.com
3 cdn.adskeeper.co.uk shrinke.me
jsc.adskeeper.com
3 jsc.adskeeper.com tag.vlitag.com
3 stats.vlitag.com tag.vlitag.com
3 prebid-asia.creativecdn.com assets.vlitag.com
3 praiserevision.com shrinke.me
3 shrinkme.io 1 redirects shrinke.me
2 gu.dyntrk.com 2 redirects
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 sync.adotmob.com 2 redirects
2 u-ams02.e-planning.net
2 ufo.approximity.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 ad.turn.com 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 acdn.adnxs.com cdn.adtrue.com
2 id.crwdcntrl.net ads.pubmatic.com
2 id5-sync.com ads.pubmatic.com
2 cdn.run-syndicate.com exchange.adtrue.com
cdn.run-syndicate.com
2 hbopenbid.pubmatic.com cdn.adtrue.com
2 cdn-adtrue.com exchange.adtrue.com
2 services.vlitag.com shrinke.me
services.vlitag.com
2 www.googletagmanager.com shrinke.me
tag.vlitag.com
1 dpm.demdex.net ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 dsp.nrich.ai 1 redirects
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 bh.contextweb.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 csync.loopme.me 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com 1 redirects
1 d5p.de17a.com ads.pubmatic.com
1 prebid-eu.creativecdn.com assets.vlitag.com
1 r5---sn-4g5e6ney.googlevideo.com shrinke.me
1 redirector.googlevideo.com 1 redirects
1 media.vlitag.com 1 redirects
1 cdn.jsdelivr.net assets.vlitag.com
1 www.google.de shrinke.me
1 www.google.com shrinke.me
1 securepubads.g.doubleclick.net www.googletagservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 imasdk.googleapis.com tag.vlitag.com
1 www.googletagservices.com tag.vlitag.com
1 leaderhistliness.info shrinke.me
1 i.imgur.com shrinke.me
1 coccusadmanlob.com shrinke.me
1 d1r90st78epsag.cloudfront.net shrinke.me
1 code.jquery.com shrinke.me
0 ums.acuityplatform.com Failed ssum-sec.casalemedia.com
398 124

This site contains links to these domains. Also see Links.

Domain
shrinkme.io
blog.shrinkme.io
forms.gle
www.facebook.com
t.me
valueimpression.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
praiserevision.com
R3		 2021-05-20 -
2021-08-18		 3 months crt.sh
coccusadmanlob.com
R3		 2021-05-29 -
2021-08-27		 3 months crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA		 2020-01-15 -
2022-03-16		 2 years crt.sh
*.adtrue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-08-14		 2 years crt.sh
misc.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
leaderhistliness.info
R3		 2021-06-07 -
2021-09-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2021-03-17 -
2022-03-15		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.a-mo.net
R3		 2021-05-11 -
2021-08-09		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-05-24 -
2021-08-22		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-06-01 -
2021-08-10		 2 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
cdn.run-syndicate.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-30 -
2021-06-30		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.id5-sync.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.e-planning.net
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh

This page contains 80 frames:

Primary Page: https://shrinke.me/Lx6EqkS
Frame ID: 0521875EB5ABB8E6942C88A0EFD80C7D
Requests: 74 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cb=3657140382&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/Lx6EqkS
Frame ID: 6266B17857682ED35972E31FBB57B7EE
Requests: 13 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cb=3657140382&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/Lx6EqkS
Frame ID: 3B09CCB81E185F447808681D7842C204
Requests: 13 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=fuen6bzeaqzq
Frame ID: 57FB882E443AA1F62243154286C23F9C
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&cb=t0zm47vw65bq
Frame ID: 9123E591F683C909D08350BAEDAD615D
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 8A951263D8E5188847A52CB2BE680863
Requests: 4 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 4BE87BB7950E16AA812284472D3C868F
Requests: 3 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1623493598&d=8509&z=29441&divID=vi_850929441_816&w=320&h=100
Frame ID: 63B6AFFEC5439D86A9A7226FDE4A6754
Requests: 14 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: 94FA1D9D7E4A6B68C7F665A729649B27
Requests: 5 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1623493598&d=8509&z=29441&divID=vi_850929441_628&w=320&h=100
Frame ID: 5F8BA7E8301DACBB251481E32B628E13
Requests: 11 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1623493598&d=8509&z=29440&divID=vi_850929440_660&w=970&h=250
Frame ID: E038E659D3B067D324490AAA4D9705B0
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me&gdpr=1&gdpr_consent=
Frame ID: CB3FF13727318FB10B49AFC1644BADA0
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1623589753026945011190
Frame ID: 85BF29FE89F7A54559C861A6496C2A1C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1623589753051521761625
Frame ID: 553E3B49CED61300E45C0FAD07AA07BE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1623589753077109506354
Frame ID: C87D318360223F2BEDA18BBF7F039DD6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F533D5A6A031CB6FFF465E9A072E333B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 32B2BB2310F716E6DB0E1223D2F1BC4D
Requests: 23 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F2CDF52F66D18D1BC03AF852F5907860
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 735A214A89201ACCD8DB93DFD4F67564
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=29A6EE48-6211-480A-8CDC-3D0ACAA32439
Frame ID: 0F92FEFC3850D76390B2CBC642781FA4
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 150D8BAB99BB6DEE5722586ABF136D93
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: AF7E8275C3576B8C8BE9669708233C4E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973264899853056144
Frame ID: 950EBB0AEEC88EA21BDF5B49BBB2EB9F
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACzoU7BjAcAADKa3BX-Xg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: FAE469F17B29CD0A5952D6D1DDBFA907
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003
Frame ID: 7301A7C1FFDDA68030A76D19534B9630
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 47094B823CE993BCA45667AC576A957E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6paJeQGTacL9Br1SC9MW-E1
Frame ID: AFDA9FA684A83F7B78C59AD0772863CD
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 61E43DAB11E7B1B6990D1F46D7CE24A4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F2B5EF8B18A80AD0FBA4BB3F120CE1C8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CC927E6CD3D896ED3104091C3998590C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=tw3sux7RXqtP&pid=557219
Frame ID: B950100F670DD281DFCDDA9E3C66107E
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=14019c9d-3110-4415-baa2-e30d970fb2ca-tuct7bf88fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 99D7E04B4FEEBE9D74915676DB59999F
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: F76AD38A995E000518825ECEBD3964B8
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 5E99F74CE8355A08BD883B2E38C247CF
Requests: 9 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: A87564A5177CD3E4142D3DCF11A78FF2
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: FA1E0341A7012DA983CCBA98581FFF44
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: AF5B8C3870AF714681A97C7C7298301C
Requests: 9 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: AFFD69A20CE6E4822D961BCAAEBE8A74
Requests: 9 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: EE3B941AC6DF88209319B20E1FEA00EB
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 77C44C18A217C68629C079B9289E1487
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 72D08260A76C8B792DF05D2F39CD55BF
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: B8B5F10507D8B99628148734D22264F2
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: EE8C212E389BA0ED843AADA2C016F959
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: ECB591E39C920224B6C8EFB77BC214D0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 22BDD260FC68C901184E787BBE8F11B2
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 358FC67D4F21BF1C7B43E6361FC32DDF
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: BB9E2E9D948F3EB9EB3D0FEDAFD33C63
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 1EE2941DA5B5CDDCA654A2B3D018E76B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: A8B4E6D9CA501446CA50C0428A48A4E3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 5F49DC91304C6A48E3C98F086D025974
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 224AE924DBCC669152AE0A29CB5279E8
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 7AFC04A59F4FAB458BE9EBD175A37DC4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: FF48E9EC3FE207EAC168452EF35278E3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: E7A65141B6654DA4DF5D286447947133
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: BF62BD918A0A1AA8E34B8B67A8266377
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 24BC0CC80AC347EF3F63A3932D42FF83
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 97E7D6808B70A60545918276D2A587C6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 78D6A0AD0C5E5F83FB9FE948808CAC9B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 990AEE15FA9AF9A7C85DA63FB204CC34
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 6B4F2E8B0390B6EC88CB819A141E2A8D
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 1604ED9F29EF1E9055DB207ED85C63DC
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 9F00CC8C8116AD7CC55986A9E5E3E93C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 2C7DDE9B0A4DDBF5AEDE3B34959FAAA4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 852961A379CEE9FFBC8522683D69C587
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: E8D63DEB9EAC1F63D19555ECE32872CC
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: E9C60A01193708740101B9E07636E4C6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 51D7E559BCAAA8340B6DF379E2641F51
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 7E0E934B014BEC7201A5EB935EB6BD60
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 8ED334A0750C6E7286A5F5A16FD0E950
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 6F1F177D4729848D10936A5071D6C5D5
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: FFF82F1F147D6254D67376836AC76851
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 0C24FA082B317DEC7D5735582345EC9C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: AA00BCB83C079F99AD5864E1084EA7F9
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 9A6154024651DDFEDAC78DC5F9BE94F0
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 529ED77555819634624ABF7AE7E0FDA9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 665FD4BC3F7A7845B6DA38678C6247CD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 02623CCAC42952492A9B74CF9E8B6909
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 01B36A7CBB382A7FF8A24DD77C1D4E79
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 51E5361AC97E02CD347269021F68C9B9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 04FBB06008DBFD0D0B08EF88B6DAC00F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://shrinkme.io/Lx6EqkS HTTP 301
    https://shrinke.me/Lx6EqkS Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

398
Requests

100 %
HTTPS

32 %
IPv6

86
Domains

124
Subdomains

75
IPs

11
Countries

3629 kB
Transfer

7963 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shrinkme.io/Lx6EqkS HTTP 301
    https://shrinke.me/Lx6EqkS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs=
Request Chain 54
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs=
Request Chain 55
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?rnd=0.48547075489712777&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs=
Request Chain 62
  • https://media.vlitag.com/vid/?id=r8AoVMBwjcc&t=y HTTP 302
  • https://redirector.googlevideo.com/videoplayback?expire=1623608247&ei=V_fFYJumNJOvxN8PuOyQ2A0&ip=54.229.35.238&id=o-AAc5lVHoG-L_7O2gYj3U9V4QxBLVg34xevXLY90aLsS6&itag=22&source=youtube&requiressl=yes&mh=eI&mm=31%2C26&mn=sn-q0cedn7s%2Csn-5hne6nlk&ms=au%2Conr&mv=m&mvi=5&pl=17&initcwndbps=1235000&vprv=1&mime=video%2Fmp4&ns=9012yHLj5NUWv_Op-On1KwoF&ratebypass=yes&dur=307.989&lmt=1614587910266558&mt=1623586363&fvip=5&fexp=24001373%2C24007246&c=WEB&txp=1432434&n=dAgPWzOy9wb1RjR5j4D&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRAIgfDq39GzhCkA2sycZwSSD41bhiROhbLIIUV3iSMseR3wCIAlaFKh7UidgFWU-AvQcjr9CshxvF7IkbMOcY-Q7Swvt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJNZ_lw28KSYGAFcIeHkKHDAaT4V7mLbXjW1aXImUIlAAiEAoChfegVFLvOujADfSHv1sZSpLLZug9Qq49GKBpJ_cxs%3D HTTP 302
  • https://r5---sn-4g5e6ney.googlevideo.com/videoplayback?expire=1623608247&ei=V_fFYJumNJOvxN8PuOyQ2A0&ip=54.229.35.238&id=o-AAc5lVHoG-L_7O2gYj3U9V4QxBLVg34xevXLY90aLsS6&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=9012yHLj5NUWv_Op-On1KwoF&ratebypass=yes&dur=307.989&lmt=1614587910266558&fexp=24001373%2C24007246&c=WEB&txp=1432434&n=dAgPWzOy9wb1RjR5j4D&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRAIgfDq39GzhCkA2sycZwSSD41bhiROhbLIIUV3iSMseR3wCIAlaFKh7UidgFWU-AvQcjr9CshxvF7IkbMOcY-Q7Swvt&cms_redirect=yes&mh=eI&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6ney&ms=au&mt=1623589256&mv=m&mvi=5&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKjWF-TXOwaVFpkRiGR0lht_o2sEgS5Olong3z_unWeNAiBMG_AXygrw_G84kLJQe1-mLOZq3EyUZv1F9oKcyDYcsA%3D%3D
Request Chain 86
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=uOKp7nxaR0JzSjdROWs0WnZjTEhyWjhrTk5WOEJla3BKRng2WlRCUEUyM2hjRkxDWDJXK21KWnhvQ21kZnpPbXphOFNObkltYU5Mb0FJN3hPSFkwSUd3anBlMjQ4bFlUVkc4Q1h4OExvTE50WkVLcVNhcWhMTlk1UkZiemVFd0NNWXkzWmc3aG9aMG9IenhkSHMyRGp3MklZeWlQQ3hxb2xFajVFcmJ2U2NNUVZ4YnNsZk9kNlI5VEQvYUc2dWRTZCt1Z3dyTlNOYitMd3FpT1orQjVONDd1WHNBM2tsSUNlazh4NnVPR3pMSW8vY2h3PXw&cppv=2
Request Chain 89
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=XF8nJ3xQOHZpZ0xBVzdncVlzSzVYdzMzQ0FkMHRGWmpTMUJtd3lnVGJjM3FZeDJ6R01KVGZ5bkVsby9NUlJNd1ovWmpLK1owZllQblU0NFpXeDJNOE1kajNMeGJvUFZzaHBDRVI5dmlUdS9ONDhZTHN0ak56TVhaRmlnaXk3eVQ1WFZIZ1E5Yk5Zd3RFQkZmNTJiS2toSEl3ZmgzTGNUVFdjRnpsellRSlNuWCthTE1ETmhnMUYrc3NxTGJPdXBESGJXV3VRWjd1QzExM0VlZzVBNGRZNWUzQmd3PT18&cppv=2
Request Chain 168
  • https://c1.adform.net/serving/cookie/match?party=14&cid=29A6EE48-6211-480A-8CDC-3D0ACAA32439 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=29A6EE48-6211-480A-8CDC-3D0ACAA32439
Request Chain 170
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 171
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973264899853056144
Request Chain 172
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDem9VN0JqQWNBQURLYTNCWC1YZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDem9VN0JqQWNBQURLYTNCWC1YZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACzoU7BjAcAADKa3BX-Xg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 173
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3087873048 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e63cc43e-7d6b-4530-97b2-7c036c50e96c HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003
Request Chain 174
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 175
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6paJeQGTacL9Br1SC9MW-E1
Request Chain 178
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 179
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=tw3sux7RXqtP&pid=557219
Request Chain 180
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=14019c9d-3110-4415-baa2-e30d970fb2ca-tuct7bf88fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KabuSGIRSAqM3D0KyqMkOQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KabuSGIRSAqM3D0KyqMkOQ%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 182
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dee60c6-037b-4700-a898-28b1f6735869
Request Chain 183
  • https://pixel.onaudience.com/?partner=214&mapped=29A6EE48-6211-480A-8CDC-3D0ACAA32439 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=cde3c64e83752fd6a2772dcca0882789 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=9fa87f2c-4559-4203-bc03-c7a21252b472&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=68a6d1aedcff4502 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79a9c658-8253-4d9d-5710-8e13048e54f6&reqId=039f1034-0fd7-4368-4272-07f1a8595486&zcluid=68a6d1aedcff4502&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEDo_OpKoeOGfeWEn5eyZovg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79a9c658-8253-4d9d-5710-8e13048e54f6&reqId=039f1034-0fd7-4368-4272-07f1a8595486&zcluid=68a6d1aedcff4502&zdid=1332
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjlBNkVFNDgtNjIxMS00ODBBLThDREMtM0QwQUNBQTMyNDM5&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjlBNkVFNDgtNjIxMS00ODBBLThDREMtM0QwQUNBQTMyNDM5&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyafR9K7t8YA9BMP5dX71M&google_cver=1
Request Chain 187
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2c9260c6-037b-4300-a2ef-0017ba0190d8&gdpr=0&gdpr_consent=
Request Chain 188
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5732227715315718058
Request Chain 189
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e63cc43e-7d6b-4530-97b2-7c036c50e96c
Request Chain 190
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8905366246266292173&gdpr=0&gdpr_consent=
Request Chain 192
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29A6EE48-6211-480A-8CDC-3D0ACAA32439&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QrQQ2r1E2uWm_525ST5vy_4lWgMmYiw-~A&gdpr=0&gdpr_consent=
Request Chain 193
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Hmt8RhhoKBIFbnoUSWMyEx5vLkQFaHsRSW87_rfc
Request Chain 194
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YMYDewABvdrhhAA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMYDewABvdrhhAA4&gdpr=0&gdpr_consent=&_test=YMYDewABvdrhhAA4
Request Chain 195
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f535ed4d-bc80-4400-b5e5-d526aa8b9960&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=bb453be9-77a5-4824-a8e3-4663208b396e&expires=1&user_group=5&ssp=pubmatic&bsw_param=f535ed4d-bc80-4400-b5e5-d526aa8b9960 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f535ed4d-bc80-4400-b5e5-d526aa8b9960&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 196
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7362372181454899982&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 198
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a21b4a58-83c3-49b7-b2dd-4c344bf60956&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 199
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 200
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1082203800404637719
Request Chain 201
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4af2bd86-5788-4a79-b61e-6ac9c31e270c
Request Chain 210
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-uzwI9i5E2uHJVNmpdv_PDf8CE7cdUmgWudsEKOg-~A
Request Chain 211
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3Ddd133f9ec00aa7ed HTTP 302
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=dd133f9ec00aa7ed&uid=020000005D03C6600F16BE70027CC6E2
Request Chain 212
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3Db09cf0e4f38e45d0 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=b09cf0e4f38e45d0&uid=020000005D03C6600F16BE70027DC6E2
Request Chain 213
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-jUKq2ehE2uF2tsryYPctqtxdhEb9dprr.klIXAU-~A
Request Chain 214
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533308008613450893
Request Chain 216
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Request Chain 217
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Request Chain 218
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3666078660506942530
Request Chain 219
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6894404040182076459
Request Chain 221
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 225
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Request Chain 226
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5584759057284077966
Request Chain 227
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Request Chain 228
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7921775277216546723
Request Chain 229
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=9181297625481880039
Request Chain 230
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RqVTflpE2uE_k5usMcr3ygldc3ZrJuN31ZYqqik-~A
Request Chain 233
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 237
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Request Chain 238
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8140979084321353528
Request Chain 239
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5550114133098968928
Request Chain 240
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4872801305260294598
Request Chain 241
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-35fdbae6-5a49-4e98-b371-decbd3a23e42
Request Chain 242
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-BHbtb3ZE2uGq2GDXC0BtWrKNIpYWemvPDmv8UJQ-~A
Request Chain 243
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3b172767e1479757c4d3b398
Request Chain 244
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2
Request Chain 246
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=76a151be-6d7a-4b11-85b3-000f5c11f684
Request Chain 247
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Request Chain 249
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 253
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=5d1a4580bed4b91d87e46c62
Request Chain 254
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1531160393633334692
Request Chain 255
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8e48f70f-cc48-11eb-b24a-0689dbab2d22 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f70f-cc48-11eb-b24a-0689dbab2d22
Request Chain 257
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=06695837-ee96-4148-a9a3-000a2f8bf10d
Request Chain 258
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Request Chain 259
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Request Chain 260
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=353978007415450317
Request Chain 261
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1141823912966532412
Request Chain 262
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-cf02db6b-553b-4724-b1be-b032009dc726
Request Chain 263
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RqVTflpE2uE_k5usMcr3ygldc3ZrJuN31ZYqqik-~A
Request Chain 264
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 269
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Request Chain 270
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1781140674783350467
Request Chain 271
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=313683194098244285
Request Chain 272
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4460293866837164126
Request Chain 273
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-96cbcd8c-fdc5-4db5-9484-1018f90e21d8
Request Chain 274
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-tqORMeNE2uHi.TkPrtH6cq2Hln_ylZ4DbfQmw9Q-~A
Request Chain 275
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f629aff874861daeb0546f9
Request Chain 276
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2
Request Chain 278
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Request Chain 279
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dce9753f-898e-4c15-9967-e478d4de08d0
Request Chain 281
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 285
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6967112891132531767
Request Chain 286
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8644186993141574270
Request Chain 287
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6838199116162888659
Request Chain 288
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DKhIaytE2uGe2t77ZMKljf.iZF2oN1RzH3hedz0-~A
Request Chain 290
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Request Chain 291
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Request Chain 293
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 297
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Request Chain 298
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3870844058052783842
Request Chain 299
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Request Chain 300
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6598729735887820033
Request Chain 301
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1082203800404637719
Request Chain 302
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-t4r1hI1E2uHv.dhMrxUQ9WRVC32PzSM8n2G2x8Y-~A
Request Chain 305
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 309
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Request Chain 310
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533308008613450893
Request Chain 311
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=533308008613450893
Request Chain 312
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533308008613450893
Request Chain 313
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-39829b1c-3e1d-4af0-8f44-7c7d2335bced
Request Chain 314
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Ci6NugVE2uGSWuC3tcMJIwaX7nsvtR1HGTW7nmo-~A
Request Chain 315
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=a2035afa4a3d74d9c3b0cf47
Request Chain 316
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8e54417d-cc48-11eb-8701-0640cfc6fe14 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e54417d-cc48-11eb-8701-0640cfc6fe14
Request Chain 318
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dce9753f-898e-4c15-9967-e478d4de08d0
Request Chain 319
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Request Chain 321
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfFLsWAKiTepFLQBxjwAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Request Chain 331
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxjwAABIkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxjwAABIkAAAAB&dcc=t
Request Chain 333
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfFLsWAKiTepFLQBxjwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Request Chain 334
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=065822040053d5a688a871ed&expiration=[EXPIRATION]&gdpr=1
Request Chain 336
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ab27a708-1aa3-4acc-8cf9-5f55412989df
Request Chain 337
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FrGrVYvh1LSpRz5&gdpr=1
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfFLsWAKiTepFLQBxlgAABJgAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Request Chain 340
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxlgAABJgAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxlgAABJgAAAIB&dcc=t
Request Chain 342
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfFLsWAKiTepFLQBxlgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Request Chain 343
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMYDfFLsWAKiTepFLQBxlgAA%261176?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMYDfFLsWAKiTepFLQBxlgAA%261176?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 344
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5db52ed2-624c-42a1-8516-ffa9dfec2753
Request Chain 345
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06582204006ba7e0f5906f46&expiration=[EXPIRATION]&gdpr=1
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Request Chain 349
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB&dcc=t
Request Chain 351
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfHPqOiYwYblFm1JKBQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Request Chain 355
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6768761591388479852&uid=Q6768761591388479852&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 357
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfCgCVyYpZwlPHzN22gAABKwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfCgCVyYpZwlPHzN22gAABKwAAAAB&dcc=t
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfCgCVyYpZwlPHzN22gAABKwAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Request Chain 359
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfCgCVyYpZwlPHzN22gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Request Chain 361
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626181757
Request Chain 362
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=94f99cf3-52aa-4387-9420-fedba1d0b543
Request Chain 363
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020803220300
Request Chain 364
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6768761601662193721&uid=Q6768761601662193721&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfDKWVYdYuPun_RoZXwAABHkAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Request Chain 367
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfDKWVYdYuPun_RoZXwAABHkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfDKWVYdYuPun_RoZXwAABHkAAAIB&dcc=t
Request Chain 369
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfDKWVYdYuPun-RoZXwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Request Chain 370
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 375
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfPltKRMeax2AtomlUQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Request Chain 377
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfPltKRMeax2AtomlUQAABGQAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfPltKRMeax2AtomlUQAABGQAAAAB&dcc=t
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfPltKRMeax2AtomlUQAABGQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Request Chain 379
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7362372181454899982
Request Chain 380
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a4c860c6-037d-4900-b8b5-4f462d8d7d6d&gdpr=1&gdpr_consent=
Request Chain 381
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACzoU7BjAcAADKa3BX-Xg&expiration=1624799357&gdpr=1
Request Chain 382
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfTS4R5xfhUKQnfN1-AAABL0AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Request Chain 385
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfTS4R5xfhUKQnfN1-AAABL0AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfTS4R5xfhUKQnfN1-AAABL0AAAIB&dcc=t
Request Chain 387
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfTS4R5xfhUKQnfN1.AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1&google_hm=2
Request Chain 388
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
Request Chain 390
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FrGrVYvh1LSpRz5&gdpr=1
Request Chain 393
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfSi.U38KD9D7Nbc0OgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1&google_hm=2
Request Chain 395
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfSi-U38KD9D7Nbc0OgAABLcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfSi-U38KD9D7Nbc0OgAABLcAAAAB&dcc=t
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfSi-U38KD9D7Nbc0OgAABLcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Request Chain 399
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
Request Chain 400
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACzoU7BjAcAADKa3BX-Xg&expiration=1624799357&gdpr=1

398 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Lx6EqkS
shrinke.me/
Redirect Chain
  • https://shrinkme.io/Lx6EqkS
  • https://shrinke.me/Lx6EqkS
22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95fa728ab221d1faa6dcfeb2ad412333fe11f33436622dd4e5ca831775aa229f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
shrinke.me
:scheme
https
:path
/Lx6EqkS
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:09 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-robots-tag
noindex, nofollow
set-cookie
lang=en_US; expires=Wed, 08-Jun-2022 13:09:09 GMT; Max-Age=31104000; path=/ AppSession=5ce1a5f6089d072430b5b3b53b05a388; path=/; HttpOnly csrfToken=6264a57c8cfb169948a2a4f99e78183ee187dbc02af2b33a4220f7d42b3ebede02d9834e125bb28fc3bdbe7c3a4e7102112ec375db954d1f5eeb4289457ca8c6; path=/; HttpOnly
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
0aa7169bf500002c3e9aa99000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wjiwaf8Hh556vJgE3MatzDvewsn7CjFnMb9n8ETlDlKSt7Sz9AHePecEmTIZ5JAY7YCE%2FeEkxzfv2Yi3RQoe1QYiT82QX58vMeqCeLp%2FlJhXczPxdBUtFcYGlH%2BRScvCSVHs8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65eb8d3fe8672c3e-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sun, 13 Jun 2021 13:09:09 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
location
https://shrinke.me/Lx6EqkS
x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent
cf-cache-status
DYNAMIC
cf-request-id
0aa7169b9400009778040d1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cnNb8LNUHLY62SZT%2FdPLgC1d6eG94am9ZGV5kUQT1gXMyj48IfP9WQZ3xzEJncl22Uw7MkJmw4pz%2Bu%2F9hAyOZolzh9vFdnWlGTnioWJ8dBpX4DWFfTTdoNkX7EfaVXCpY%2FpiOx4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65eb8d3f5a889778-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
css
fonts.googleapis.com/ 		6 KB
809 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4b13b091264448af149e519f01f3838360a69f04c20e42583b0a942ca912d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Jun 2021 12:13:49 GMT
server
ESF
date
Sun, 13 Jun 2021 13:09:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Jun 2021 13:09:09 GMT
styles.min.css
shrinke.me/modern_theme/build/css/ 		187 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/modern_theme/build/css/styles.min.css?ver=6.4.0
pragma
no-cache
cookie
lang=en_US; AppSession=5ce1a5f6089d072430b5b3b53b05a388; csrfToken=6264a57c8cfb169948a2a4f99e78183ee187dbc02af2b33a4220f7d42b3ebede02d9834e125bb28fc3bdbe7c3a4e7102112ec375db954d1f5eeb4289457ca8c6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shrinke.me
referer
https://shrinke.me/Lx6EqkS
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/Lx6EqkS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
946080
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa7169c3b00004eb5f8390000000001
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2ec69-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Lc3hJI8gh0Or3v0jBXvkZGwnCJu2lMvuQSBN0svlmrRvhkFd8bVhCz%2B2kq4TEXhqjbb6HKMMbppSPnLemOYW9em0U7VnDtvgT7Egmma%2BXOkoLgzWQpKrDA2iZl5wigLILv5HPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
65eb8d405c114eb5-FRA
expires
Fri, 02 Jul 2021 14:21:09 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137383949-1
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
31d53985fe4ea7792c06c1d3592a25791458dfca6dcb968dced93d1974fce366
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36061
x-xss-protection
0
last-modified
Sun, 13 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 13 Jun 2021 13:09:10 GMT
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:09 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:24:41 GMT
server
nginx
etag
W/"573f4859-14e4a"
vary
Accept-Encoding
x-hw
1623589749.dop202.fr8.t,1623589749.cds252.fr8.hc,1623589749.cds130.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
/
services.vlitag.com/adv1/ 		932 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c94dbfd84911ed021254d18c55e03e6142cdf205814499d9a0674b656a4a551
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa7169f6600002bdde5037000000001
pragma
no-cache
last-modified
Sun, 13 Jun 2021 13:09:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B59FHOSjL1hyPDvjheeQcht7TTemWBwOJKB0QTdIE4iF9yypKmA%2BHEhk%2BLzxRbyD8SW3MMmQwxaMphj1onF8z2h6YnQWrIgryk0blB9RFG4Q%2B2bujOvsxcRC5%2F7tiVxO0bwrykKpfpxnMSZ0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
65eb8d456d452bdd-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
sw.js
shrinke.me/ 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/sw.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba75869b8dc9e93dfb6bb58428301a77e3d5174716750d78e8dcd24658d4ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/sw.js
pragma
no-cache
cookie
lang=en_US; AppSession=5ce1a5f6089d072430b5b3b53b05a388; csrfToken=6264a57c8cfb169948a2a4f99e78183ee187dbc02af2b33a4220f7d42b3ebede02d9834e125bb28fc3bdbe7c3a4e7102112ec375db954d1f5eeb4289457ca8c6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shrinke.me
referer
https://shrinke.me/Lx6EqkS
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/Lx6EqkS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
946080
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa7169c3c00004eb51b80a000000001
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"17fc0-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mRClYnIDW2HUuDr1uPeBIPL12HGghRYbHtSuyajjHV6YRwxIsveMIOOgT2Qm4WXdBeT7EkQta0%2Blc4Ybh2PWGHa2PeDHrnVOo9hpq075%2FyG%2BHax0ZWovyBWuWimWDGKLacvP2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
65eb8d405c164eb5-FRA
expires
Fri, 02 Jul 2021 14:21:09 GMT
/
d1r90st78epsag.cloudfront.net/ 		285 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1r90st78epsag.cloudfront.net/?etsrd=792297
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.11.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-11-177.vie50.r.cloudfront.net
Software
/
Resource Hash
a897e548e58fd9f727254a0c1182ccc985544285fb5962d3b88560e70642eed8

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:10 GMT
content-encoding
gzip
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
96069
via
1.1 c855d201fddbb6ef22989607fe8f5d1f.cloudfront.net (CloudFront)
x-amz-cf-id
Bqeb9ihSYtR8Krd4qJv64JYXk3HyHpd_j400F9Kcer-s532uCQ2WEQ==
1844b8e470c024a415cff51a0843d71c.js
praiserevision.com/18/44/b8/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://praiserevision.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Jun 2021 13:09:10 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
logo-sm.webp
shrinkme.io/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinkme.io/logo-sm.webp
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d1fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3537723
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
31236
cf-request-id
0aa7169f8d00004ea36515e000000001
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7a04-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CYNjBpxttHXBSXMeVdCCu2A%2BQgcEPiWqITMaR8aFANxzEVAiq8G1q%2Bq2pdD09ZL7e%2BTionK5pgRwr4Ha04GFMSP0Xq%2BjceHgb9A137XuBxlzxH8tD6sG2cplDbXmk4Msom4PDI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65eb8d45aeba4ea3-FRA
expires
Tue, 03 May 2022 14:27:07 GMT
23826
coccusadmanlob.com/t3tgUSTlRzMe6Sv/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://coccusadmanlob.com/t3tgUSTlRzMe6Sv/23826
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
146.59.211.253 , France, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-146-59-211.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
qJpGKf7.png
i.imgur.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/qJpGKf7.png
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
afc64d8345a0c5e5fe8f866056f6e594bae4a885ef8bc44a37de95dd9eaae157
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
x-content-type-options
nosniff
age
875669
x-cache
HIT, HIT
content-length
17527
x-served-by
cache-bwi5178-BWI, cache-hhn4036-HHN
last-modified
Tue, 05 Nov 2019 17:14:35 GMT
server
cat factory 1.0
x-timer
S1623589751.883820,VS0,VE0
etag
"e44ce2565aa2068add8081e038f0a55b"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 749
async.js
cdn.adtrue.com/rtb/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
age
7142864
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
65eb8d46be77535d-FRA
cf-request-id
0aa716a0330000535d17afc000000001
expires
Thu, 17 Mar 2022 21:01:26 GMT
email-decode.min.js
shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
lang=en_US; AppSession=5ce1a5f6089d072430b5b3b53b05a388; csrfToken=6264a57c8cfb169948a2a4f99e78183ee187dbc02af2b33a4220f7d42b3ebede02d9834e125bb28fc3bdbe7c3a4e7102112ec375db954d1f5eeb4289457ca8c6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shrinke.me
referer
https://shrinke.me/Lx6EqkS
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/Lx6EqkS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
0aa7169e9600004eb5efb2f000000001
last-modified
Tue, 08 Jun 2021 15:58:01 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60bf9389-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aOqHNU8eAimGeztxF5eZ0kZkBP5OgyypM2%2BVR7jjVgjIlmlfNA%2F9UNY8mAPpvGUiFeJWEAqupEXMkGIM08hbFsDeQQGnp7ixwXAiqJrb%2B3cNKOybPilSKyO5r3lkTINxEhwpYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
65eb8d442fe24eb5-FRA
expires
Tue, 15 Jun 2021 13:09:10 GMT
ads.js
shrinke.me/js/ 		191 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/js/ads.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/ads.js
pragma
no-cache
cookie
lang=en_US; AppSession=5ce1a5f6089d072430b5b3b53b05a388; csrfToken=6264a57c8cfb169948a2a4f99e78183ee187dbc02af2b33a4220f7d42b3ebede02d9834e125bb28fc3bdbe7c3a4e7102112ec375db954d1f5eeb4289457ca8c6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shrinke.me
referer
https://shrinke.me/Lx6EqkS
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/Lx6EqkS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
946078
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa7169ea200004eb5af1b3000000001
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"bf-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ew%2FktgQBlxn28UTNgi7jQrwZwPa5stUv6NTtqS05FiKtnYhxCLXFXUoysumVoje%2FnULv5rQGUw2wIUGVMmpUbRqAoSrXaP7cx6xTN4rzbC6ERIcvvzIzZ0iXUMsW6pwVh9v5gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
65eb8d44381b4eb5-FRA
expires
Fri, 02 Jul 2021 14:21:12 GMT
script.min.js
shrinke.me/modern_theme/build/js/ 		202 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/modern_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/modern_theme/build/js/script.min.js?ver=6.4.0
pragma
no-cache
cookie
lang=en_US; AppSession=5ce1a5f6089d072430b5b3b53b05a388; csrfToken=6264a57c8cfb169948a2a4f99e78183ee187dbc02af2b33a4220f7d42b3ebede02d9834e125bb28fc3bdbe7c3a4e7102112ec375db954d1f5eeb4289457ca8c6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shrinke.me
referer
https://shrinke.me/Lx6EqkS
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/Lx6EqkS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
946078
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa7169ec300004eb5dd3f6000000001
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"32956-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Hx%2Bo%2BXZgUeM1l9yRkg4ayMUVTZc%2BWdUtYZ0Jb1fPGuQIDqZxnT%2FMzymYKC%2BWCiU1sRS8O2Kkzh%2FkW%2FE9%2BLVRMAKrVkFY2bm7AA9Hrao6TuQvYVJR7nkBTsSfziOk2PHvzEIBUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
65eb8d4468b54eb5-FRA
expires
Fri, 02 Jul 2021 14:21:12 GMT
api.js
www.recaptcha.net/recaptcha/ 		921 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
246c041789ce91e94d2d15f5630ba5ac451de3135d4c697a2300822c55d9e105
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Sun, 13 Jun 2021 13:09:10 GMT
NDA0VkFPEkchHkFCWHR7FlhAIjFHCht5MlxCXTgqUR5ZM25HRxo8MhYcFiUsUhIOZ20WRFUxHl1UFmxjAwkGZHgNEhh0MkFSaz8lBhIOdCcFVgc1eFUDGWEjAQgZYnNXCRludFEAGTJ4VQYNN3IAA1BneBZN
leaderhistliness.info/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leaderhistliness.info/NDA0VkFPEkchHkFCWHR7FlhAIjFHCht5MlxCXTgqUR5ZM25HRxo8MhYcFiUsUhIOZ20WRFUxHl1UFmxjAwkGZHgNEhh0MkFSaz8lBhIOdCcFVgc1eFUDGWEjAQgZYnNXCRludFEAGTJ4VQYNN3IAA1BneBZN
Requested by
Host: shrinke.me
URL: https://shrinke.me/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.196.151.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-151-230.compute-1.amazonaws.com
Software
/ Express
Resource Hash
040cedf98dba5d0ea24b8fe66805e8e18d7dcd01cdb7dd4cd1214e0f299e64bc

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"df66-n/H8TXr7GmHT2F7mXpzzsdcYsSw"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137383949-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2670
date
Sun, 13 Jun 2021 12:24:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sun, 13 Jun 2021 14:24:40 GMT
1844b8e470c024a415cff51a0843d71c.js
praiserevision.com/18/44/b8/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://praiserevision.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Jun 2021 13:09:10 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
services.vlitag.com/uv/ 		13 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fshrinke.me%2FLx6EqkS&mtk=8509
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
cf-request-id
0aa716a01200004df414909000000001
pragma
no-cache
last-modified
Sun, 13 Jun 2021 13:09:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IicMsp57BLWtSVLjKUpUkwPYvOSK%2FpYrjPYQklCrx8dythn9ImLQo6BSPsaMTSOjAYYf0Tgr9nm5EQQEO7SXO1KPpOOUHb35Apg6qnjYQDr2H9p6AS9SWIMAX%2Fl7xgQyyDFtv1o1TejJzLV4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://shrinke.me
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
65eb8d46892a4df4-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
b696d0f5c06dbd9fd83feb568718537b.js
tag.vlitag.com/v1/1623493598/ 		481 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c318491dca573f4952082278caf477278ec15f9d78dc809dd997ddb35676b2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
96140
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a01d00002bdd11048000000001
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LG%2Bk58cOrDU8syWgHxcBZrpMiko9tjoktH%2BXUk%2Fk0TibmeGwnNfuG%2BlUKjSpMprqKSUx4aVSsWhKHDuex2Mu2HRoYBCArcch6FLPHt4DGuouHFZYYHlhRjvmLNc83Nc1fm6CRypqIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000, immutable
cf-ray
65eb8d4698802bdd-FRA
header9.webp
shrinkme.io/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinkme.io/header9.webp
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d1fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3537719
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
130482
cf-request-id
0aa716a01d00004ea37c382000000001
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1fdb2-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ThHsQX5C4GZgnqqYntWuGUNAIwneiTpubxt35GWTghcR7Sz4MQO6CPUQQvkBkSVMG87yJkMc0s3JcQhoVFx2cm9NklP%2FptcV7X0b6pOsLjuPCjKixnd2CnB%2BpH%2FVPE18w3ZhQBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65eb8d4698f64ea3-FRA
expires
Tue, 03 May 2022 14:27:11 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:48:20 GMT
x-content-type-options
nosniff
age
116450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:48:20 GMT
fontawesome-webfont.woff2
shrinke.me/modern_theme/build/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/modern_theme/build/fonts/fontawesome-webfont.woff2
Requested by
Host: shrinke.me
URL: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://shrinke.me
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
lang=en_US; AppSession=5ce1a5f6089d072430b5b3b53b05a388; csrfToken=6264a57c8cfb169948a2a4f99e78183ee187dbc02af2b33a4220f7d42b3ebede02d9834e125bb28fc3bdbe7c3a4e7102112ec375db954d1f5eeb4289457ca8c6
:path
/modern_theme/build/fonts/fontawesome-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shrinke.me
referer
https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://shrinke.me
Referer
https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
272
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
77160
cf-request-id
0aa716a01f00004eb5eda7c000000001
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"12d68-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SZXTK4OhX8K9h6DthGLEs%2FFnC5wo33XQEbedcnNnoVzF1CyApvAq5v84m9qITPdqaXGxX9BLzhIYe9ywFRzrqg%2Bmm3Z3sGOacoy%2Fc5SCy%2BkDTn0GftyU4pBnC2dk64piIgPCmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
x-xss-protection
1; mode=block
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
65eb8d469f794eb5-FRA
Lx6EqkS
shrinke.me/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinke.me/Lx6EqkS
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/Lx6EqkS
pragma
no-cache
cookie
lang=en_US; AppSession=5ce1a5f6089d072430b5b3b53b05a388; csrfToken=6264a57c8cfb169948a2a4f99e78183ee187dbc02af2b33a4220f7d42b3ebede02d9834e125bb28fc3bdbe7c3a4e7102112ec375db954d1f5eeb4289457ca8c6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shrinke.me
referer
https://shrinke.me/Lx6EqkS
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/Lx6EqkS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a03c00004eb5f5ac6000000001
pragma
no-cache
x-robots-tag
noindex, nofollow
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=v914ezzC8Pebn7S%2FC9WhYmk%2BRk%2Bj56yIwLZJGqi60EwOrM4HBjr21NebtWXsTZ0ZLlhzt4476jLkODmijeosa7Hpe9cwMjKZYrkp5SlZLyogAXuWcZ0MELnOf5SA0fpDnjRq2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-store, no-cache, must-revalidate
cf-ray
65eb8d46bffa4eb5-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 18:32:04 GMT
x-content-type-options
nosniff
age
67026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 18:32:04 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 19:23:12 GMT
x-content-type-options
nosniff
age
63958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 19:23:12 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=92484200&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FLx6EqkS&ul=en-us&de=UTF-8&dt=ShrinkMe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1303719396&gjid=427624354&cid=69332980.1623589751&tid=UA-137383949-1&_gid=846041304.1623589751&_r=1&gtm=2ou690&z=1341996476
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ 		343 KB
344 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 12:42:29 GMT
x-content-type-options
nosniff
age
1601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
351376
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jun 2022 12:42:29 GMT
impress
exchange.adtrue.com/delivery/ Frame 6266 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cb=3657140382&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/Lx6EqkS
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
498fd27eb6dc4514f79d6a0e0f8ac0a2743600d36313d087a0af349b9c918c1b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
server
nginx
x-adtrue-instance
java1
content-length
4578
content-type
application/javascript
impress
exchange.adtrue.com/delivery/ Frame 3B09 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cb=3657140382&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/Lx6EqkS
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
12a0241564451caa4b0a2500a7bcaa051fa8cd696faed6093a59eefa9e9a0885

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
server
nginx
x-adtrue-instance
java2
content-length
4578
content-type
application/javascript
cmp-v2.0.1.js
assets.vlitag.com/plugins/cmptcf2/ 		267 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1784585
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a0d700002bdde89e6000000001
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=99zNDH783canh4RuM293SMrGmZRf%2FSQSkK%2BmTQZGc479rq73bjjMtw09Hm2bTmHDWHijgg34KwiixhbNmiD5Rj7YJprC2N%2Bqex3%2FjcWooQON036rBT21Ec9h2PrE5PJ35KIpvQZS%2FBVoJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
65eb8d47bb8b2bdd-FRA
expires
Sun, 23 May 2021 21:56:06 GMT
prebid-v4.38.0.js
assets.vlitag.com/prebid/default/ 		411 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
272632
cf-polished
origSize=421400
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a0d700002bdd1a126000000001
x-robots-tag
noindex, nofollow
last-modified
Mon, 10 May 2021 09:25:11 GMT
server
cloudflare
etag
W/"6098fbf7-66e18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=88%2Fl2hITNutiLDemCwbQmPRAm6wfDQpPhCOP%2F%2Foj3DU2H72FOl8dnPYBFKDAG4LAtNdCn90LCDmjFoSrha46Vs0EzD3VgPo%2F812ZWjj8rAv4lQSlPbwONw9P1H27RZ3Aw1g0Vhd6QyOEzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
65eb8d47bb8c2bdd-FRA
expires
Thu, 10 Jun 2021 09:55:19 GMT
gpt.js
www.googletagservices.com/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"901 / 52 of 1000 / last-modified: 1623449339"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21293
x-xss-protection
0
expires
Sun, 13 Jun 2021 13:09:11 GMT
viPlayer_v42.min.js
assets.vlitag.com/plugins/vlPlayer/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1786037
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a0d700002bdde91c2000000001
x-robots-tag
noindex, nofollow
last-modified
Thu, 26 Nov 2020 03:46:23 GMT
server
cloudflare
etag
W/"5fbf250f-33d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=236u%2F8GM36XU8sTHRC20lr9S7pcN3WZyc5yIrzkNsoMlHBndsN2GGr%2FIuAh6bEQ%2BEPtpu%2FT9hVaMf5fhEpnB1QRDPWo5rpVgqEKiF5006lgfRf%2Bf%2BpQl7U%2FHcjuStLXUJQJajOroeh8UsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
65eb8d47bb872bdd-FRA
expires
Sun, 23 May 2021 21:31:54 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		338 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118262
x-xss-protection
0
expires
Sun, 13 Jun 2021 13:09:11 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1786037
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a0d700002bdd35943000000001
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=x4qwY4AEOGH0jNh6lcuSjRdwi86fACqVd0Ds6hcYjDuL%2BzZWNZr5DaWO5KQGJlDcF27zHI1rNWCcmyWFAM11eQhmFZX6ihsPHM4CJHXzkvCBRe%2F7FqVuG0Nyei01m2cxOe%2FSYw5aP10%2BPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
65eb8d47bb8e2bdd-FRA
expires
Sun, 23 May 2021 21:31:54 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-137383949-1&cid=69332980.1623589751&jid=1303719396&gjid=427624354&_gid=846041304.1623589751&_u=YEBAAUAAAAAAAC~&z=936384710
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 13 Jun 2021 13:09:11 GMT
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021060801.js
securepubads.g.doubleclick.net/gpt/ 		318 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114129
x-xss-protection
0
expires
Sun, 13 Jun 2021 13:09:11 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-137383949-1&cid=69332980.1623589751&jid=1303719396&_u=YEBAAUAAAAAAAC~&z=573538329
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-137383949-1&cid=69332980.1623589751&jid=1303719396&_u=YEBAAUAAAAAAAC~&z=573538329
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 57FB 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=fuen6bzeaqzq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0ec8027fbfea2b58f8146ce4ceb925d190253b80c7595b130fb598bb4c2540dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uW6f55zobPEfxkz4xQ+DuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.recaptcha.net
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=fuen6bzeaqzq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 13 Jun 2021 13:09:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-uW6f55zobPEfxkz4xQ+DuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210613
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
514ea21b6bb4184375ed0fb7c1694c4778f4f9da5dd7d8982cd8fba5fd5b4d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36473
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a19a000005f5cbbea000000001
x-served-by
cache-fra19164-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"69b-fqDMX8On+wfYNW7X+eLdPc0YfLg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
65eb8d48fed705f5-FRA
prebid
ib.adnxs-simple.com/ut/v3/ 		144 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ea1dba5fef87a79efcb0737a9672ed8344cb70b47e86d9c469dd26143df42906
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:11 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.173.207:80
AN-X-Request-Uuid
ceea0c41-e58f-44f0-a254-ef362f164b8d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=75961671846
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:10 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
82
vary
origin
quantumdex
useast.quantumdex.io/auction/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n30i7EACDkcUMT5JPMcEFCHLoYElfxdxQrxeooFmIVJvFFy9uCoMx1mAlDOoxJ3j%2BiQR9ZX3NrRxF1GZLaPwDftNt2dy2eGi53tnrhk3uigLDLGr0Ue%2BMeo5zoTcKL2lmAb9w6WgqikAo21YaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
65eb8d491abe4d8a-FRA
cf-request-id
0aa716a1ad00004d8aa80db000000001
ROS
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&n...
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.3...
438 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs=
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e24b3332c2adb5775df6919582ca4ffe24c14d7fff5c1e51c36aca1b610b9909

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Sun, 13 Jun 2021 13:09:11 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
438
x-sid
AMS-732

Redirect headers

date
Sun, 13 Jun 2021 13:09:11 GMT
server
openresty
access-control-allow-origin
https://shrinke.me
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-732
prebid
ib.adnxs-simple.com/ut/v3/ 		145 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ac6de5b959dd6bf0b026990f50798d9e4e68726714f3675b735d9d0649aa1457
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:11 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.173.109:80
AN-X-Request-Uuid
77a17ef4-f63c-4c26-954a-125658f237d7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
quantumdex
useast.quantumdex.io/auction/ 		0
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nsGawdY%2FzYCE%2BSHEvf0F4zqqWX0x58OhJmPrpMjfsrewVCadEh7Pz4GoImkb5Bv9vPlv3VNVfTGDO6nk4BIhsVfrx%2Fvt6H9DI42oYW9%2FnDZn9GBa3S%2B%2BpvQYCIMofxtaIWTHrGLuG94eIh0Crw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
65eb8d491ac04d8a-FRA
cf-request-id
0aa716a1ad00004d8acc9af000000001
c
prebid.a-mo.net/a/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
78
vary
origin
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=12650418270
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
ROS
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&n...
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.3...
438 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs=
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e24b3332c2adb5775df6919582ca4ffe24c14d7fff5c1e51c36aca1b610b9909

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Sun, 13 Jun 2021 13:09:11 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
438
x-sid
AMS-732

Redirect headers

date
Sun, 13 Jun 2021 13:09:11 GMT
server
openresty
access-control-allow-origin
https://shrinke.me
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-732
ROS
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?rnd=0.48547075489712777&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshr...
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%...
438 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs=
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3f5715468e1e8f067de4d985b751113df5baa042b25faaa77307d1f4c3a93bc7

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Sun, 13 Jun 2021 13:09:11 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
438
x-sid
AMS-732

Redirect headers

date
Sun, 13 Jun 2021 13:09:11 GMT
server
openresty
access-control-allow-origin
https://shrinke.me
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&rnd=0.48547075489712777&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-732
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
114
vary
origin
prebid
ib.adnxs-simple.com/ut/v3/ 		145 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c87e0553c098d14c57a8b55daeb3a8dd509c0d6268d8a32403692b016b2c865
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:11 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.173.74:80
AN-X-Request-Uuid
0627d71d-73e4-4e14-8b33-ec9ab7927b52
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
quantumdex
useast.quantumdex.io/auction/ 		0
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=URH%2FK65Efh9rpMi1VcQCDHXzMoQwXgKOO8i524%2F%2FOVA1F0WiIgFbYO1u9OFUc6sQlYXY6NbNmejlwynAfWDtuV50TSmHscXWnpl1ASy1POg4to3XW%2F%2FL1QH%2Fg4Hz%2BVkp%2B5fWwn6kBPGbuG4r1A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
65eb8d491ac14d8a-FRA
cf-request-id
0aa716a1ad00004d8a8e2c0000000001
cdb
bidder.criteo.com/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=31897354426
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:10 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
1572962788.jpg
assets.vlitag.com/widget/2019/11/05/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962788.jpg
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
268d81a69a9e1910b84cf74017fba73517adac9e466f83ba8f264da82e07e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
320260
cf-polished
qual=85, origFmt=jpeg, origSize=111413
content-disposition
inline; filename="1572962788.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
84586
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:06:28 GMT
server
cloudflare
etag
"5dc181e4-1b335"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=99wTaWEVf5Q7kOhXwIwqKCpxNFYNmVIpMS%2Fm7dSeg7HQQE1SjLeuMuGXB%2B9no8jFrUwT2%2FGfumpnOUZUPicLsAyWVMqH0FBPWqci%2BKNFcH3pzfM1kCmlLsGUxen6WcuV%2BfQVPaWNTJNyKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Wed, 09 Jun 2021 20:41:31 GMT
cache-control
max-age=16070400
cf-request-id
0aa716a1c40000d725c6b01000000001
accept-ranges
bytes
cf-ray
65eb8d493849d725-FRA
cf-bgj
imgq:85,h2pri
videoplayback
r5---sn-4g5e6ney.googlevideo.com/
Redirect Chain
  • https://media.vlitag.com/vid/?id=r8AoVMBwjcc&t=y
  • https://redirector.googlevideo.com/videoplayback?expire=1623608247&ei=V_fFYJumNJOvxN8PuOyQ2A0&ip=54.229.35.238&id=o-AAc5lVHoG-L_7O2gYj3U9V4QxBLVg34xevXLY90aLsS6&itag=22&source=youtube&requiressl=ye...
  • https://r5---sn-4g5e6ney.googlevideo.com/videoplayback?expire=1623608247&ei=V_fFYJumNJOvxN8PuOyQ2A0&ip=54.229.35.238&id=o-AAc5lVHoG-L_7O2gYj3U9V4QxBLVg34xevXLY90aLsS6&itag=22&source=youtube&require...
256 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5e6ney.googlevideo.com/videoplayback?expire=1623608247&ei=V_fFYJumNJOvxN8PuOyQ2A0&ip=54.229.35.238&id=o-AAc5lVHoG-L_7O2gYj3U9V4QxBLVg34xevXLY90aLsS6&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=9012yHLj5NUWv_Op-On1KwoF&ratebypass=yes&dur=307.989&lmt=1614587910266558&fexp=24001373%2C24007246&c=WEB&txp=1432434&n=dAgPWzOy9wb1RjR5j4D&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRAIgfDq39GzhCkA2sycZwSSD41bhiROhbLIIUV3iSMseR3wCIAlaFKh7UidgFWU-AvQcjr9CshxvF7IkbMOcY-Q7Swvt&cms_redirect=yes&mh=eI&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6ney&ms=au&mt=1623589256&mv=m&mvi=5&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKjWF-TXOwaVFpkRiGR0lht_o2sEgS5Olong3z_unWeNAiBMG_AXygrw_G84kLJQe1-mLOZq3EyUZv1F9oKcyDYcsA%3D%3D
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:4e::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 08:38:30 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-44703699/44703700
client-protocol
quic
cache-control
private, max-age=18196
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
44703700
expires
Sun, 13 Jun 2021 13:09:11 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:11 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-4g5e6ney.googlevideo.com/videoplayback?expire=1623608247&ei=V_fFYJumNJOvxN8PuOyQ2A0&ip=54.229.35.238&id=o-AAc5lVHoG-L_7O2gYj3U9V4QxBLVg34xevXLY90aLsS6&itag=22&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=9012yHLj5NUWv_Op-On1KwoF&ratebypass=yes&dur=307.989&lmt=1614587910266558&fexp=24001373%2C24007246&c=WEB&txp=1432434&n=dAgPWzOy9wb1RjR5j4D&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRAIgfDq39GzhCkA2sycZwSSD41bhiROhbLIIUV3iSMseR3wCIAlaFKh7UidgFWU-AvQcjr9CshxvF7IkbMOcY-Q7Swvt&cms_redirect=yes&mh=eI&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6ney&ms=au&mt=1623589256&mv=m&mvi=5&pl=50&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKjWF-TXOwaVFpkRiGR0lht_o2sEgS5Olong3z_unWeNAiBMG_AXygrw_G84kLJQe1-mLOZq3EyUZv1F9oKcyDYcsA%3D%3D
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1149
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame 57FB 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=fuen6bzeaqzq
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 07:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jun 2022 07:31:46 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame 57FB 		343 KB
343 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=fuen6bzeaqzq
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 12:42:29 GMT
x-content-type-options
nosniff
age
1602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
351376
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jun 2022 12:42:29 GMT
truncated
/ Frame 57FB 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 57FB 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 57FB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 11:25:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
92617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Sat, 19 Jun 2021 11:25:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 57FB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=fuen6bzeaqzq
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.recaptcha.net
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:48:34 GMT
x-content-type-options
nosniff
age
116437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:48:34 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 57FB 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e8f05752862160fa1888c91060a324c84870cd4bca2acee125713d11147fde5d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=normal&cb=fuen6bzeaqzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 13 Jun 2021 13:09:11 GMT
bframe
www.recaptcha.net/recaptcha/api2/ Frame 9123 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&cb=t0zm47vw65bq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9013894cebb6d6424c808ad8e88a34564d2c2780b776cbf1ff77a50888250255
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I0xOFFDOo0JNXdoQScNLfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.recaptcha.net
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&cb=t0zm47vw65bq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 13 Jun 2021 13:09:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-I0xOFFDOo0JNXdoQScNLfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame 9123 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&cb=t0zm47vw65bq
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 07:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jun 2022 07:31:46 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame 9123 		343 KB
343 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&k=6Ld2tZgUAAAAANd3fPgc_aw6fvtoDDJGmzsZX0cA&cb=t0zm47vw65bq
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 12:42:29 GMT
x-content-type-options
nosniff
age
1602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
351376
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jun 2022 12:42:29 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 6266 		257 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cb=3657140382&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
7142855
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
65eb8d4b6b4b535d-FRA
cf-request-id
0aa716a3200000535dfbbcf000000001
expires
Thu, 17 Mar 2022 21:01:36 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 6266 		250 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 10:00:55 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3e6b0-5c21f162d696a"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=119643
accept-ranges
bytes
content-type
text/javascript
content-length
78804
expires
Mon, 14 Jun 2021 22:23:14 GMT
ga.js
cdn-adtrue.com/track/ Frame 6266 		751 B
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cb=3657140382&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6340560
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a33800004e6df38bf000000001
last-modified
Thu, 01 Apr 2021 03:35:26 GMT
server
cloudflare
etag
W/"60653f7e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jQrvBHF8csKBtsyz8Ks9VznIVJZc9gKFdhs6N6slMOnMxynSutNq%2FE%2FDR%2Fo5DOtQQgl5p1CFyWDx30i9b%2FQVj1pErHpN63jBcjoP5HPKH9Sml9OInEVGJ2JKmB2ms7GBMK%2FQ9cHJEO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
65eb8d4b8cbe4e6d-FRA
expires
Sun, 27 Mar 2022 03:53:11 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6266 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e02d1f005e0dada487e4e813b64c1120200183f8426ab4ef52c8851287c45815
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:11 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.50:80
AN-X-Request-Uuid
56e9c133-378a-49dc-8d33-170aba8666c4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 6266 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 6266 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=83434310682
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid.js
cdn.adtrue.com/pb/ Frame 3B09 		257 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cb=3657140382&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
7142855
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
65eb8d4c6dd3535d-FRA
cf-request-id
0aa716a3c30000535dd7110000000001
expires
Thu, 17 Mar 2022 21:01:36 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 3B09 		250 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 10:00:55 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3e6b0-5c21f162d696a"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=119643
accept-ranges
bytes
content-type
text/javascript
content-length
78804
expires
Mon, 14 Jun 2021 22:23:14 GMT
ga.js
cdn-adtrue.com/track/ Frame 3B09 		751 B
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cb=3657140382&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6340560
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a3ec00000746bb0ba000000001
last-modified
Thu, 01 Apr 2021 03:35:26 GMT
server
cloudflare
etag
W/"60653f7e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=j68SD51q%2BxAlGt5BET4r6knolUE8umil6YcjtEzV5iKceHrM3yLemsU%2BOQt5zALqBt6e4ewblP3lF5xlh7sTUvAdaHA6bSeaMu%2BzFntWgrW%2FhL1ysc%2F5o9jWUIFTKztO8Kwy8MWGfOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
65eb8d4caacb0746-FRA
expires
Sun, 27 Mar 2022 03:53:11 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 3B09 		142 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b5800211d31fda967ffe6fb98fd6ff6b22f758c0f4408e95a7e430dbe3267790
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:11 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.137:80
AN-X-Request-Uuid
2ce4031a-18d8-4384-a68d-a9e2f569eafb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 3B09 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 3B09 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=61821676764
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:11 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://shrinke.me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://shrinke.me
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1415
date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 6266
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
  • https://mug.criteo.com/sid?cpp=uOKp7nxaR0JzSjdROWs0WnZjTEhyWjhrTk5WOEJla3BKRng2WlRCUEUyM2hjRkxDWDJXK21KWnhvQ21kZnpPbXphOFNObkltYU5Mb0FJN3hPSFkwSUd3anBlMjQ4bFlUVkc4Q1h4OExvTE50WkVLcVNhcWhMTlk1UkZiem...
350 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uOKp7nxaR0JzSjdROWs0WnZjTEhyWjhrTk5WOEJla3BKRng2WlRCUEUyM2hjRkxDWDJXK21KWnhvQ21kZnpPbXphOFNObkltYU5Mb0FJN3hPSFkwSUd3anBlMjQ4bFlUVkc4Q1h4OExvTE50WkVLcVNhcWhMTlk1UkZiemVFd0NNWXkzWmc3aG9aMG9IenhkSHMyRGp3MklZeWlQQ3hxb2xFajVFcmJ2U2NNUVZ4YnNsZk9kNlI5VEQvYUc2dWRTZCt1Z3dyTlNOYitMd3FpT1orQjVONDd1WHNBM2tsSUNlazh4NnVPR3pMSW8vY2h3PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
16259a472f7ff62b8857a746f6a39ba182e068c7e1f91cf7a26d704c142cfac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 13 Jun 2021 13:09:11 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2531
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 13 Jun 2021 13:09:11 GMT
location
https://mug.criteo.com/sid?cpp=uOKp7nxaR0JzSjdROWs0WnZjTEhyWjhrTk5WOEJla3BKRng2WlRCUEUyM2hjRkxDWDJXK21KWnhvQ21kZnpPbXphOFNObkltYU5Mb0FJN3hPSFkwSUd3anBlMjQ4bFlUVkc4Q1h4OExvTE50WkVLcVNhcWhMTlk1UkZiemVFd0NNWXkzWmc3aG9aMG9IenhkSHMyRGp3MklZeWlQQ3hxb2xFajVFcmJ2U2NNUVZ4YnNsZk9kNlI5VEQvYUc2dWRTZCt1Z3dyTlNOYitMd3FpT1orQjVONDd1WHNBM2tsSUNlazh4NnVPR3pMSW8vY2h3PXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1954
content-length
482
expires
0
passback.js
cdn.adtrue.com/rtb/ Frame 8A95 		753 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
7142533
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
65eb8d4d8900535d-FRA
cf-request-id
0aa716a4780000535d291f4000000001
expires
Thu, 17 Mar 2022 21:06:57 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://shrinke.me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://shrinke.me
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1398
date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 3B09
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
  • https://mug.criteo.com/sid?cpp=XF8nJ3xQOHZpZ0xBVzdncVlzSzVYdzMzQ0FkMHRGWmpTMUJtd3lnVGJjM3FZeDJ6R01KVGZ5bkVsby9NUlJNd1ovWmpLK1owZllQblU0NFpXeDJNOE1kajNMeGJvUFZzaHBDRVI5dmlUdS9ONDhZTHN0ak56TVhaRmlnaX...
352 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=XF8nJ3xQOHZpZ0xBVzdncVlzSzVYdzMzQ0FkMHRGWmpTMUJtd3lnVGJjM3FZeDJ6R01KVGZ5bkVsby9NUlJNd1ovWmpLK1owZllQblU0NFpXeDJNOE1kajNMeGJvUFZzaHBDRVI5dmlUdS9ONDhZTHN0ak56TVhaRmlnaXk3eVQ1WFZIZ1E5Yk5Zd3RFQkZmNTJiS2toSEl3ZmgzTGNUVFdjRnpsellRSlNuWCthTE1ETmhnMUYrc3NxTGJPdXBESGJXV3VRWjd1QzExM0VlZzVBNGRZNWUzQmd3PT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e4accc76409500e73c35d8af157749fd0fb75280bf7907b2dfd146b223407996
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 13 Jun 2021 13:09:12 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2736
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 13 Jun 2021 13:09:11 GMT
location
https://mug.criteo.com/sid?cpp=XF8nJ3xQOHZpZ0xBVzdncVlzSzVYdzMzQ0FkMHRGWmpTMUJtd3lnVGJjM3FZeDJ6R01KVGZ5bkVsby9NUlJNd1ovWmpLK1owZllQblU0NFpXeDJNOE1kajNMeGJvUFZzaHBDRVI5dmlUdS9ONDhZTHN0ak56TVhaRmlnaXk3eVQ1WFZIZ1E5Yk5Zd3RFQkZmNTJiS2toSEl3ZmgzTGNUVFdjRnpsellRSlNuWCthTE1ETmhnMUYrc3NxTGJPdXBESGJXV3VRWjd1QzExM0VlZzVBNGRZNWUzQmd3PT18&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1563
content-length
455
expires
0
passback
exchange.adtrue.com/tag/ Frame 8A95 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20034&divid=480012388&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ecbbfcd03dfa1f6826b68e63ba9287b8e6d79590eea05e115543a6694a98329b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
server
nginx
content-length
1675
content-type
application/javascript
passback.js
cdn.adtrue.com/rtb/ Frame 4BE8 		753 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
7142533
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
65eb8d4dc99f535d-FRA
cf-request-id
0aa716a49c0000535db592c000000001
expires
Thu, 17 Mar 2022 21:06:57 GMT
passback
exchange.adtrue.com/tag/ Frame 4BE8 		432 B
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20033&divid=1045897026&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a9d5e562f67ce6a69e1f874a2e8ca3efbca2f58d89a0cab3d3e7d45e571cdf41

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
server
nginx
content-length
432
content-type
application/javascript
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=XF8nJ3xQOHZpZ0xBVzdncVlzSzVYdzMzQ0FkMHRGWmpTMUJtd3lnVGJjM3FZeDJ6R01KVGZ5bkVsby9NUlJNd1ovWmpLK1owZllQblU0NFpXeDJNOE1kajNMeGJvUFZzaHBDRVI5dmlUdS9ONDhZTHN0ak56TVhaRmlnaXk3eVQ1WFZIZ1E5Yk5Zd3RFQkZmNTJiS2toSEl3ZmgzTGNUVFdjRnpsellRSlNuWCthTE1ETmhnMUYrc3NxTGJPdXBESGJXV3VRWjd1QzExM0VlZzVBNGRZNWUzQmd3PT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
975
date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uOKp7nxaR0JzSjdROWs0WnZjTEhyWjhrTk5WOEJla3BKRng2WlRCUEUyM2hjRkxDWDJXK21KWnhvQ21kZnpPbXphOFNObkltYU5Mb0FJN3hPSFkwSUd3anBlMjQ4bFlUVkc4Q1h4OExvTE50WkVLcVNhcWhMTlk1UkZiemVFd0NNWXkzWmc3aG9aMG9IenhkSHMyRGp3MklZeWlQQ3hxb2xFajVFcmJ2U2NNUVZ4YnNsZk9kNlI5VEQvYUc2dWRTZCt1Z3dyTlNOYitMd3FpT1orQjVONDd1WHNBM2tsSUNlazh4NnVPR3pMSW8vY2h3PXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
981
date
Sun, 13 Jun 2021 13:09:11 GMT
content-encoding
gzip
vary
Accept-Encoding
n.js
cdn.run-syndicate.com/sdk/v1/ Frame 8A95 		17 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.run-syndicate.com/sdk/v1/n.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20034&divid=480012388&ref=undefined
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.88.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
6be018cf63d68429cc6f5c49caa24448469db98e412beba3bc99ac033ced43da

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 13:10:31 GMT
server
nginx
age
10018692
etag
W/"602d15c7-44f3"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8713
invoke.js
praiserevision.com/2b7825b40010ad17ac7b5777c664449c/ Frame 4BE8 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://praiserevision.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Jun 2021 13:09:12 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
tag.vlitag.com/passback/ Frame 63B6 		197 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/passback/?t=1623493598&d=8509&z=29441&divID=vi_850929441_816&w=320&h=100
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecebd072da484574bae3ad8fbd2dda03529d4e5716486df4fdde5820cab09931
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
93350
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4bmt1jmta4wWZwY51nw%2BRTu9wsnAXknr%2BQaQ2I0Y%2BXRN41QbYN1A1%2FMNLGsofpReSGDbb8tEOp1b8YEbYSiTdboj4UdLfewgresGErj8y09IDw1i57xsaXvoM3UXOwZUEtyfx6Eapg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0aa716a63e0000d725dd02e000000001
cf-ray
65eb8d506e21d725-FRA
/
stats.vlitag.com/pi/ Frame 63B6 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.vlitag.com/pi/?e=zdNUtKyBZZZ-eKeU-Paey-wYMT-YPaBewqMqPqURzNhqllwqe0RrNMZAaRmNYaPPTRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1lxk00AxlKDXNKKZ8EOze%2FQ4ur5uOseR4nKtuJA0aq8fYZNFa3A2pSYL9Z%2FH4SH7rmBl4i5L5iOwiN3XJ8cAIVUwhZQzz3s2UJBxXMiYPSp2%2F1bGiCQp7odJGsHcBqpv5XyP3%2BTJw5tm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
65eb8d506b052bdd-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0aa716a64600002bddeca43000000001
js
www.googletagmanager.com/gtag/ Frame 94FA 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d3d302a1fec1f4ad1aa4de6e1589d52fd07c5a64997de0fc4e3ab51eb19fd41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36051
x-xss-protection
0
last-modified
Sun, 13 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 13 Jun 2021 13:09:12 GMT
shrinke.me.1062925.js
jsc.adskeeper.com/s/h/ Frame 63B6 		267 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1623493598&d=8509&z=29441&divID=vi_850929441_816&w=320&h=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95078b6de3f7ca7cf8dd9bde1c649b2be639e7b855270d250258df15f50460c0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1323
cf-ray
65eb8d515fd8083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
74863
x-amz-id-2
ESELuJfhRQOq+3oJ1oBEhTeD5C7Ox6cPVqxf5oInckvHePA7v2Rdp3Ty4mcfMW5KCMJL0P6k54Q=
last-modified
Thu, 10 Jun 2021 10:09:54 GMT
server
cloudflare
etag
"a9a3a7197c3c1119c81661e30b1b7e3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
X0H2DX4JEESHFXQH
cache-control
public, max-age=14400
cf-request-id
0aa716a6d40000083f799e8000000001
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 13 Jun 2021 17:09:12 GMT
n.css
cdn.run-syndicate.com/sdk/v1/ Frame 8A95 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.run-syndicate.com/sdk/v1/n.css
Requested by
Host: cdn.run-syndicate.com
URL: https://cdn.run-syndicate.com/sdk/v1/n.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.88.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
last-modified
Wed, 17 Feb 2021 15:07:12 GMT
server
nginx
age
10014318
etag
"602d3120-2055"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8277
analytics.js
www.google-analytics.com/ Frame 94FA 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
635
date
Sun, 13 Jun 2021 12:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sun, 13 Jun 2021 14:58:37 GMT
/
tag.vlitag.com/passback/ Frame 5F8B 		197 B
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/passback/?t=1623493598&d=8509&z=29441&divID=vi_850929441_628&w=320&h=100
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecebd072da484574bae3ad8fbd2dda03529d4e5716486df4fdde5820cab09931
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
93202
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZAVnYtyjyzLvrO8Oyhe%2FK0emuYuTb0tNDrCuM1bvLE2rBRqeFpVhBbpJHesUZmsvaCyN5%2FApF7d3WTUQuxyyIkaC7rhsuffFCZC3w9UVaptsYuIqy8WuLf75KqiFOGfzeItwLMAmnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0aa716a6790000d725d29a6000000001
cf-ray
65eb8d50ceebd725-FRA
/
stats.vlitag.com/pi/ Frame 5F8B 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.vlitag.com/pi/?e=zdNrePTrYTM-ZMtM-PyTt-wYqy-qyZrTBBttMZURzNhqllwqe0RrNMZAaRmNYaPPTRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q3edTCU1dBILMvGq%2FusNohcViexrDd0Fz4vFW7hlnqXArm3iZPt2q8wlJnvUsPy8dEyzN0fgphsNHmw2Vjrz4Lhu78eyvD976Hvuso4ZnUAfHoHDdbsKyTuuH82JxVDjAFNo50aeKOWt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
65eb8d50cbe82bdd-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0aa716a67900002bdde9a68000000001
collect
www.google-analytics.com/j/ Frame 94FA 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1271889741&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FLx6EqkS&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=1709548999&gjid=213466437&cid=69332980.1623589751&tid=UA-128776493-30&_gid=846041304.1623589751&_r=1&gtm=2ou690&z=414407959
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 94FA 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1271889741&t=pageview&_s=2&dl=https%3A%2F%2Fshrinke.me%2FLx6EqkS&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=69332980.1623589751&tid=UA-128776493-30&_gid=846041304.1623589751&gtm=2ou690&z=1093093461
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 05:33:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27313
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
shrinke.me.1062925.js
jsc.adskeeper.com/s/h/ Frame 5F8B 		267 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1623493598&d=8509&z=29441&divID=vi_850929441_628&w=320&h=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95078b6de3f7ca7cf8dd9bde1c649b2be639e7b855270d250258df15f50460c0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1323
cf-ray
65eb8d515fda083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
74863
x-amz-id-2
ESELuJfhRQOq+3oJ1oBEhTeD5C7Ox6cPVqxf5oInckvHePA7v2Rdp3Ty4mcfMW5KCMJL0P6k54Q=
last-modified
Thu, 10 Jun 2021 10:09:54 GMT
server
cloudflare
etag
"a9a3a7197c3c1119c81661e30b1b7e3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
X0H2DX4JEESHFXQH
cache-control
public, max-age=14400
cf-request-id
0aa716a6d40000083fbe21d000000001
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 13 Jun 2021 17:09:12 GMT
/
tag.vlitag.com/passback/ Frame E038 		195 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/passback/?t=1623493598&d=8509&z=29440&divID=vi_850929440_660&w=970&h=250
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b65da7e1759e98a2f61c7c52b78089e03473fbfa1fe85e8891e3255cbbf9f5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
67458
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3TXGsFaCLdrflqwNeKciRWLNnGjz6%2BQ0XWmWcvJBWiBg6BZDs9eE3S38MR4FJbyu4Q3l8N2dsT0RlBBlgC44KaewmEoD19xhefJ5MMpAvQVClEpfI1ZXMeEPxv0pUwerMkZjViHn%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-request-id
0aa716a6a50000d725c2b1e000000001
cf-ray
65eb8d510f69d725-FRA
/
stats.vlitag.com/pi/ Frame E038 		0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.vlitag.com/pi/?e=zdNAqtBewAt-ZAMq-PtAA-MKtK-MqTtwTeqPyatRzNhqllwqe0RrNMZAaRmNYaPPARrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YTUvg48f48RgRnDnToWb0NjrX1rBWlznveeuh3V%2FnIsRa7xpfOWn06v4i6N2NvPQFoQlx4QX8Lzocvia6MVdWnjaIXWG6yMeT39xDN69GH%2B%2FoHM3sqhsPYDPfnRJDvhMNEzNq0hdczCN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
65eb8d510cad2bdd-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0aa716a6a500002bddf6a38000000001
collect
www.google-analytics.com/ Frame 94FA 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1271889741&t=pageview&_s=3&dl=https%3A%2F%2Fshrinke.me%2FLx6EqkS&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=69332980.1623589751&tid=UA-128776493-30&_gid=846041304.1623589751&gtm=2ou690&z=1100392108
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 05:33:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27313
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
shrinke.me.992723.js
jsc.adskeeper.com/s/h/ Frame E038 		267 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1623493598&d=8509&z=29440&divID=vi_850929440_660&w=970&h=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46596ae92cd8518bb0734c3a6c50cc6fcd63bcc6f4dcdd8e7cfff14e50d0fbf2

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1323
cf-ray
65eb8d515fdb083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
74820
x-amz-id-2
hMu+bHuD/3jQLU31RBrDmEud4EJN2G7dECekKbKyrBYtZ0WizKundiz4/Omxd7pNj4Bx0Bi+ytQ=
last-modified
Thu, 10 Jun 2021 09:56:30 GMT
server
cloudflare
etag
"e7908c8e86a8d9a884eedc888261b621"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
X0HEYZFSG1ZKFFXJ
cache-control
public, max-age=14400
cf-request-id
0aa716a6d40000083fc084f000000001
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 13 Jun 2021 17:09:12 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 6266 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 14 Jun 2021 13:09:12 GMT
css
fonts.googleapis.com/ Frame 63B6 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Jun 2021 11:20:59 GMT
server
ESF
date
Sun, 13 Jun 2021 13:09:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Jun 2021 13:09:12 GMT
/
c.adskeeper.com/pv/ Frame 63B6 		0
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1623589752736588115684&uniqId=15599&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cxurl=https%3A%2F%2Fshrinke.me%2FLx6EqkS&lu=https%3A%2F%2Fshrinke.me%2FLx6EqkS&pageView=1&pvid=17a057d8fa197900aba&site=629011&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d52cbe8083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a7bc0000083f59bfd000000001
truncated
/ Frame 63B6 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 63B6 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
br
cf-cache-status
HIT
age
3899
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
7TTE6E1B08DP2RMH
x-amz-id-2
IBoVAR/fVZBzjCkotxruthDlxnDTUn966PlH8ZIfdbMLrNRphxb75e3A7KHCOZSAaF9r3+Pq+ww=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-request-id
0aa716a82700004be2743b7000000001
cf-ray
65eb8d53794c4be2-AMS
expires
Sun, 13 Jun 2021 17:09:12 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 63B6 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 17:35:44 GMT
x-content-type-options
nosniff
age
70408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 17:35:44 GMT
css
fonts.googleapis.com/ Frame 5F8B 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Jun 2021 11:16:10 GMT
server
ESF
date
Sun, 13 Jun 2021 13:09:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Jun 2021 13:09:12 GMT
truncated
/ Frame 5F8B 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 5F8B 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
br
cf-cache-status
HIT
age
3899
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
7TTE6E1B08DP2RMH
x-amz-id-2
IBoVAR/fVZBzjCkotxruthDlxnDTUn966PlH8ZIfdbMLrNRphxb75e3A7KHCOZSAaF9r3+Pq+ww=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-request-id
0aa716a82700004be2ae98c000000001
cf-ray
65eb8d5379504be2-AMS
expires
Sun, 13 Jun 2021 17:09:12 GMT
css
fonts.googleapis.com/ Frame E038 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Jun 2021 11:18:52 GMT
server
ESF
date
Sun, 13 Jun 2021 13:09:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Jun 2021 13:09:12 GMT
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame E038 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
br
cf-cache-status
HIT
age
3899
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
7TTE6E1B08DP2RMH
x-amz-id-2
IBoVAR/fVZBzjCkotxruthDlxnDTUn966PlH8ZIfdbMLrNRphxb75e3A7KHCOZSAaF9r3+Pq+ww=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-request-id
0aa716a84100004be2940a8000000001
cf-ray
65eb8d5399874be2-AMS
expires
Sun, 13 Jun 2021 17:09:12 GMT
truncated
/ Frame E038 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
servicer.adskeeper.com/1062925/ Frame 63B6 		991 B
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/1062925/1?pv=5&cbuster=1623589752891384368846&uniqId=15599&niet=4g&nisd=false&w=320&h=100&cols=1&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cxurl=https%3A%2F%2Fshrinke.me%2FLx6EqkS&lu=https%3A%2F%2Fshrinke.me%2FLx6EqkS&pageView=1&pvid=17a057d8fa197900aba&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c5ec714c512c7a6b038803f0fbd931dda467bc586d189cb5fc3ccb72368268

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d53be6c083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a8540000083f7fa95000000001
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3B09 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 14 Jun 2021 13:09:12 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 5F8B 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 17:35:44 GMT
x-content-type-options
nosniff
age
70408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 17:35:44 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame E038 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 17:35:44 GMT
x-content-type-options
nosniff
age
70408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 17:35:44 GMT
1
servicer.adskeeper.com/1062925/ Frame 5F8B 		1017 B
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/1062925/1?w=320&h=100&cols=1&pv=5&cbuster=1623589752928123427025&uniqId=15c22&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cxurl=https%3A%2F%2Fshrinke.me%2FLx6EqkS&lu=https%3A%2F%2Fshrinke.me%2FLx6EqkS&pageView=0&pvid=17a057d8fa197900aba&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfaa23f62706dfcc9f5d650e2cde6095864dc39e99fbd57ead1ab2b94b8a1560

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d53ff1c083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a87b0000083fb03be000000001
widget-ssp-performance
c.adskeeper.com/ Frame 63B6 		43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/widget-ssp-performance?time=107
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65eb8d548c36ee44-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a8d70000ee44e799e000000001
1
servicer.adskeeper.com/992723/ Frame E038 		983 B
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/992723/1?w=970&h=250&cols=1&pv=5&cbuster=1623589752959222342281&uniqId=113ea&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FLx6EqkS&cxurl=https%3A%2F%2Fshrinke.me%2FLx6EqkS&lu=https%3A%2F%2Fshrinke.me%2FLx6EqkS&pageView=0&pvid=17a057d8fa197900aba&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed8695023a9a07ee375faa6fdc15dc9b23f7bfc58c1500ec2057e96dae9cc8c

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d542f8c083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a8990000083f6286a000000001
syncframe
gum.criteo.com/ Frame CB3F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=shrinke.me&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1569
set-cookie
uid=d995a2ad-c9c8-4275-a138-9b0cb290db40; expires=Mon, 13 Jun 2022 13:09:12 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sun, 13 Jun 2021 13:09:12 GMT
content-length
1129
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 6266 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 14 Jun 2021 13:09:13 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3B09 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 14 Jun 2021 13:09:13 GMT
i.js
cm.adskeeper.com/ Frame 63B6 		19 B
153 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1623589753022996600863
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
e13e6d46-5a83-4817-8823-4283123079f5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d5488b5083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a8d80000083f93bf8000000001
server
cloudflare
i-noref.js
cm.adskeeper.com/ Frame 85BF 		19 B
175 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1623589753026945011190
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
115f9b9d-bba4-4d23-9f7d-66d71e11ac1a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d5498c1083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a8db0000083f79a1f000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.adskeeper.com/g/8193525/492x328/0x311x684x456/ Frame 63B6 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8193525/492x328/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1623589752-t-TVVteJwMhKnSrkX_-FdDwKyejtZuS-9FpbwG5DwuU
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed6f53bbe2887a04797000ea4fb50051fd5d302ef46a27c369bce51f7f4a159

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
620eb542-9e94-4010-ac6b-63f643d34d61
age
2600227
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
16586
cf-request-id
0aa716a8de0000083fb51d4000000001
last-modified
Tue, 11 May 2021 11:29:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65eb8d5498ca083f-CDG
widget-ssp-performance
c.adskeeper.com/ Frame 63B6 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/widget-ssp-performance?time=117
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65eb8d549c4fee44-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a8e00000ee44fb125000000001
i.js
cm.adskeeper.com/ Frame 5F8B 		19 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1623589753048409606714
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
f6f54513-ae45-4ccb-a41d-875c9f1cac62
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d54b907083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a8ef0000083fc38d4000000001
server
cloudflare
i-noref.js
cm.adskeeper.com/ Frame 553E 		19 B
164 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1623589753051521761625
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
0a59831b-cb80-4455-be04-88313aeb4a91
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d54b91e083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a8f40000083fa08a5000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp
s-img.adskeeper.com/g/8164863/492x328/0x0x561x374/ Frame 5F8B 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164863/492x328/0x0x561x374/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp?v=1623589752-EGHMSt0ZxjVrlHcU3Sng-nCpO64azQoZf7EKaQ3ZNqc
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0631a1785f145481d16c72c11293141e79f9bcf92125fc4fbf1e7717ae196ccc

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
221e1be4-7eeb-4316-84b8-19fafd085731
age
2600238
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
24456
cf-request-id
0aa716a8f40000083fbb9ef000000001
last-modified
Tue, 11 May 2021 10:49:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65eb8d54b920083f-CDG
i.js
cm.adskeeper.com/ Frame E038 		19 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1623589753073656676648
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
f6af7769-8abe-494a-9eaa-c418c9a3f09c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d54d967083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a90b0000083f4abc4000000001
server
cloudflare
i-noref.js
cm.adskeeper.com/ Frame C87D 		19 B
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1623589753077109506354
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
113c2145-725a-4dba-a6c6-e88b4d44c63b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d54e97a083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716a90d0000083fa32a4000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp
s-img.adskeeper.com/g/8164888/492x277/0x82x614x409/ Frame E038 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/8164888/492x277/0x82x614x409/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp?v=1623589753-bL8eUHV0eCftSuQaeHBmeO-_k1bfK0L0NJAIlj053f8
Requested by
Host: shrinke.me
URL: https://shrinke.me/Lx6EqkS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
111f1b12a92609af7eb2019b4c0e41b44c8f4970cc13341ed286f85ceb88df6a

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:13 GMT
cf-cache-status
HIT
x-mg-request-uuid
c48158f9-d5e8-4dbe-bff1-2b142fdaab6f
age
2600241
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
11574
cf-request-id
0aa716a90e0000083f4fa8f000000001
last-modified
Tue, 11 May 2021 10:37:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65eb8d54e981083f-CDG
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 14 Jun 2021 13:09:13 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:13 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 14 Jun 2021 13:09:13 GMT
806.json
id5-sync.com/g/v2/ Frame 6266 		213 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.199 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e88129a05b73c583de044e595c687fc4b06733d0edf61ea0fbc928b0aacc5ae4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Sun, 13 Jun 2021 13:09:10 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 6266 		77 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bb667645ce9bc84123620123664bb9bcfe9cdeb7564f40e6ee184efc7754c93

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:14 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://shrinke.me
cache-control
no-cache
x-server
10.45.26.126
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ Frame 6266 		109 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8beab69b558aa31e939ed978637e6fa710cf6c36eabd46c75f82df8069e75d75

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Jun 2021 13:09:14 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 13 Jul 2021 13:09:14 GMT
806.json
id5-sync.com/g/v2/ Frame 3B09 		213 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.199 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d54332bf39cbf376b7b97251f61152aa4501bfec2953f96baafe00a3b7439ef9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Sun, 13 Jun 2021 13:09:10 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 3B09 		77 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
35f93a240c32f230250b0967e7f29e15f94f5619d22f8e28a375f842dfa88cd1

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:14 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://shrinke.me
cache-control
no-cache
x-server
10.45.8.51
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ Frame 3B09 		109 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f90eb39c9792f1704e2169c6a5d768c5eeb1f78e8a5cd56549b776f568e4daff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Jun 2021 13:09:14 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 13 Jul 2021 13:09:14 GMT
c
c.adskeeper.com/ Frame 63B6 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=314|94|12|Skz-O5AnpKH7Q7EA46iJzwyTLjJM0opF7GHR6N70-LSgEn1kMbGHuXDT998cx0va&fw=1&extjs=66044&cid=1062925&h2=s6DTIq8_dmTag7EPnAov6SDh421JAA5gfQGj_XKf5YM*&rid=8c5cb15d-cc48-11eb-9f10-d094662c24f7&tt=Direct&iv=11&pageImp=1&pvid=17a057d8fa197900aba&cbuster=1623589754202718723861&tpl=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:14 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
afbb2f76-b541-41a4-80d2-1cf05c9e8fe9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d5bfb35ee44-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716ad780000ee4429a09000000001
server
cloudflare
cdb
bidder.criteo.com/ 		148 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=185&av=33&wv=4.38.0&cb=19514188850
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3c1354d5633ec4c0a6ad1a6b2327e9cb164dd20e598209ec9323ca38d7f5c64a

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Jun 2021 13:09:14 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
151
ROS
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ 		455 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?rnd=0.48547075489712777&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FLx6EqkS&r=pbjs&pbv=4.38.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FLx6EqkS&gdpr=1&gdprcs=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
724878ff76f003337340034f0707462d12869a0ff750342571891298d512d9a0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Jun 2021 13:09:14 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Sun, 13 Jun 2021 13:09:14 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
455
x-sid
AMS-732
quantumdex
useast.quantumdex.io/auction/ 		0
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3sbhHnfafWBn7mxgSgqM%2FNKl%2Ft8D7eXqvi%2FrmRpIwLDIvQhR2eeBV2J%2BZIaEh0b49KeA7XG5ledXbV8gqDvfHdzDakpTHwdhV7Wd5u54%2FVaiqz60kcMTPrt0LRxUg8kV01%2Br7GvXKGIG1jFYtg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
65eb8d5c0e2c4d8a-FRA
cf-request-id
0aa716ad8300004d8ae2b1f000000001
c
prebid.a-mo.net/a/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:14 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
581
vary
origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:14 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs-simple.com/ut/v3/ 		262 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e7d7473f140f0f0e036996fe842839c09a57b9da106a1fb7aaf7611bb8cc079d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:14 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com; 37.252.173.250:80
AN-X-Request-Uuid
a87f911d-67c6-4ca7-87e9-9e6043ee54fb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
c.adskeeper.com/ Frame 5F8B 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=314|95|12|Skz-O5AnpKH7Q7EA46iJz_gUKDthxVgBaUHnWg4ThWuu7hHE6qDT5X0amKd-TPK1&fw=1&extjs=66044&cid=1062925&h2=s6DTIq8_dmTag7EPnAov6SDh421JAA5gfQGj_XKf5YM*&rid=8c6256d5-cc48-11eb-88a7-d094662c1c35&tt=Direct&iv=11&pageImp=0&pvid=17a057d8fa197900aba&cbuster=1623589754246194533451&tpl=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:14 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
9ae3216c-c979-411a-be8d-d64fe91df087
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d5c3c49ee44-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716ada50000ee4408b5b000000001
server
cloudflare
c
c.adskeeper.com/ Frame E038 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=294|227|12|_liwLYEkE4fk-RGi_YfdqmfxIohKgTQapH5U-J0tRKy25PGnA7YT6BW4oj8cK2QI&fw=1&extjs=66044&cid=992723&h2=s6DTIq8_dmTag7EPnAov6SDh421JAA5gfQGj_XKf5YM*&rid=8c65f6ab-cc48-11eb-bfb8-d094662f8ab5&tt=Direct&iv=11&pageImp=0&pvid=17a057d8fa197900aba&cbuster=162358975424829854382&tpl=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:14 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
0598e9a9-23ab-4f27-a539-2e258cbf9753
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65eb8d5c3c50ee44-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716ada50000ee44e21a0000000001
server
cloudflare
events
bidder.criteo.com/csm/ 		0
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 13 Jun 2021 13:09:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
async_usersync.html
acdn.adnxs.com/dmp/ Frame F533 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shrinke.me/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=8905366246266292173; icu=ChgIz5I0EAoYAiACKAIw94aYhgY4AkACSAIQ94aYhgYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 07 Jun 2021 05:03:25 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 13 Jun 2021 13:09:15 GMT
Age
30726
X-Served-By
cache-lga21963-LGA, cache-fra19169-FRA
X-Cache
HIT, HIT
X-Cache-Hits
2, 178250
X-Timer
S1623589755.053717,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 32B2 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=45639
expires
Mon, 14 Jun 2021 01:49:53 GMT
date
Sun, 13 Jun 2021 13:09:14 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F2CD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shrinke.me/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=8905366246266292173; icu=ChgIz5I0EAoYAiACKAIw94aYhgY4AkACSAIQ94aYhgYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 07 Jun 2021 05:03:25 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 13 Jun 2021 13:09:15 GMT
Age
30727
X-Served-By
cache-lga21963-LGA, cache-fra19135-FRA
X-Cache
HIT, HIT
X-Cache-Hits
2, 175170
X-Timer
S1623589755.091307,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 735A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=45639
expires
Mon, 14 Jun 2021 01:49:53 GMT
date
Sun, 13 Jun 2021 13:09:14 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 32B2 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97761941&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7d0aef5b04d4c602aefe4601a06d7cc064dd3106be3865ba0a3f656bf5eb0add

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:12 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
vi-logo.svg
assets.vlitag.com/media/icon/ 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/media/icon/vi-logo.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2614029
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aa716b1200000d725ca245000000001
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:49 GMT
server
cloudflare
etag
W/"5dbbbcf1-2c34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=giNG1wwHCk9xFVbuUu13SMEqZIGwgBY4fzkw35eVUKwWWe3qqWSXjAYMqUCHNE6qA%2Fy5cenyviE01HsVn1NCihMyrtx57hozt2O4EemqYHpzv4kUwRpkBYruuhaNhXd7%2BzdXr0ZMUt3DTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
65eb8d61cfaad725-FRA
match
c1.adform.net/serving/cookie/ Frame 0F92
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=29A6EE48-6211-480A-8CDC-3D0ACAA32439
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=29A6EE48-6211-480A-8CDC-3D0ACAA32439
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=29A6EE48-6211-480A-8CDC-3D0ACAA32439
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=29A6EE48-6211-480A-8CDC-3D0ACAA32439
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1480677634178568464; expires=Thu, 12 Aug 2021 13:09:15 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 13 Jun 2021 13:09:15 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=29A6EE48-6211-480A-8CDC-3D0ACAA32439
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Tue, 13 Jul 2021 13:09:15 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
pubmatic
d5p.de17a.com/getuid/ Frame 150D 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.166 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame AF7E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=29A6EE48-6211-480A-8CDC-3D0ACAA32439; chkChromeAb67Sec=1; DPSync3=1624752000%3A197_219_201%7C1623628800%3A174; SyncRTB3=1624752000%3A56_176_222_7_54_71_8_230_13_55_234_88_220_161_81_189_22_99_21_3_204_166_165%7C1624147200%3A223_67_2_15%7C1624838400%3A35%7C1626134400%3A203%7C1624406400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 13 Jun 2021 13:09:14 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 13:09:14 GMT; path=/
x-lat
amspug008:0:283
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Sun, 13 Jun 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1917
x-powered-by
ASP.NET
date
Sun, 13 Jun 2021 13:09:14 GMT
content-length
205
Pug
simage2.pubmatic.com/AdServer/ Frame 950E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973264899853056144
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973264899853056144
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973264899853056144
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=29A6EE48-6211-480A-8CDC-3D0ACAA32439; chkChromeAb67Sec=1; DPSync3=1624752000%3A197_219_201%7C1623628800%3A174; SyncRTB3=1624752000%3A56_176_222_7_54_71_8_230_13_55_234_88_220_161_81_189_22_99_21_3_204_166_165%7C1624147200%3A223_67_2_15%7C1624838400%3A35%7C1626134400%3A203%7C1624406400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 13 Jun 2021 13:09:14 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6973264899853056144; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 13-Jul-2021 13:09:14 GMT; path=/ PugT=1623589754; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 13-Jul-2021 13:09:14 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 13:09:14 GMT; path=/
x-lat
amspug007:0:748
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 13 Jun 2021 13:09:15 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6973264899853056144; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973264899853056144
redir
rtb-csync.smartadserver.com/ Frame FAE4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDem9VN0JqQWNBQURLYTNCWC1YZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDem9VN0JqQWNBQURLYTNCWC1YZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACzoU7BjAcAADKa3BX-Xg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACzoU7BjAcAADKa3BX-Xg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 13 Jun 2021 13:09:14 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACzoU7BjAcAADKa3BX-Xg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 7301
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3087873048
  • https://sync.1rx.io/usersync/tradedesk/e63cc43e-7d6b-4530-97b2-7c036c50e96c
  • https://sync.targeting.unrulymedia.com/csync/RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003
42 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_22=14911-7362372181454899982; PugT=1623589753; PUBMDCID=3; SPugT=1623589755
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 13 Jun 2021 13:09:14 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003&KRTB&17107-RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 13:09:14 GMT; path=/ PugT=1623589754; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 13-Jul-2021 13:09:14 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 13:09:14 GMT; path=/
x-lat
amspug011:0:605
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003%22%7D; path=/; expires=Mon, 13 Jun 2022 13:09:15 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003
etag
RXc9dda522d3cb4b65b52e834bfa592b07003
Pug
simage2.pubmatic.com/AdServer/ Frame 4709
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=29A6EE48-6211-480A-8CDC-3D0ACAA32439; chkChromeAb67Sec=1; DPSync3=1624752000%3A197_219_201%7C1623628800%3A174; SyncRTB3=1624752000%3A56_176_222_7_54_71_8_230_13_55_234_88_220_161_81_189_22_99_21_3_204_166_165%7C1624147200%3A223_67_2_15%7C1624838400%3A35%7C1626134400%3A203%7C1624406400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 13 Jun 2021 13:09:14 GMT
content-type
text/html; charset=utf-8
x-lat
amspug009:2:305
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=410678c4-1ee4-4b85-8b9e-c005528494b5; path=/; domain=csync.loopme.me; Expires=Tue, 13-Jul-2021 13:09:15 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Sun, 13 Jun 2021 13:09:15 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame AFDA
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6paJeQGTacL9Br1SC9MW-E1
42 B
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6paJeQGTacL9Br1SC9MW-E1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6paJeQGTacL9Br1SC9MW-E1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=29A6EE48-6211-480A-8CDC-3D0ACAA32439; chkChromeAb67Sec=1; DPSync3=1624752000%3A197_219_201%7C1623628800%3A174; SyncRTB3=1624752000%3A56_176_222_7_54_71_8_230_13_55_234_88_220_161_81_189_22_99_21_3_204_166_165%7C1624147200%3A223_67_2_15%7C1624838400%3A35%7C1626134400%3A203%7C1624406400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-n6paJeQGTacL9Br1SC9MW-E1; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 13-Jul-2021 13:09:15 GMT; path=/ PugT=1623589755; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 13-Jul-2021 13:09:15 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 13:09:15 GMT; path=/
x-lat
lhrpug011:0:731
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sun, 13 Jun 2021 13:09:15 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=n6paJeQGTacL9Br1SC9MW-E1; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=n6paJeQGTacL9Br1SC9MW-E1
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 61E4 		42 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0aa716b1590000c26d47892000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65eb8d622afbc26d-FRA
bridge
cm.adgrx.com/ Frame F2B5 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame CC92
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=ahnoeUm5abnAyuoEVMVXaS4GYQUtXKFtZdEN8PyeL
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a9nseFs2aF9pAJsbYL7CCmnsrdpPD4VIVIMdyXjdZcwZatFr4UaqZaq4sMZc9LhlZbmUpHZarouHP36E5pZbtytVto9; path=/; domain=.tribalfusion.com; expires=Sat, 11-Sep-2021 13:09:15 GMT; SameSite=None; Secure; ANON_ID_old=a9nseFs2aF9pAJsbYL7CCmnsrdpPD4VIVIMdyXjdZcwZatFr4UaqZaq4sMZc9LhlZbmUpHZarouHP36E5pZbtytVto9; path=/; domain=.tribalfusion.com; expires=Sat, 11-Sep-2021 13:09:15 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0aa716b20d00004a9d160b2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65eb8d634fed4a9d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1547
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=ahnoeUm5abnAyuoEVMVXaS4GYQUtXKFtZdEN8PyeL; path=/; domain=.tribalfusion.com; expires=Sat, 11-Sep-2021 13:09:15 GMT; SameSite=None; Secure; ANON_ID_old=ahnoeUm5abnAyuoEVMVXaS4GYQUtXKFtZdEN8PyeL; path=/; domain=.tribalfusion.com; expires=Sat, 11-Sep-2021 13:09:15 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0aa716b15900004a9df49b4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65eb8d622c814a9d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame B950
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=tw3sux7RXqtP&pid=557219
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=tw3sux7RXqtP&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=tw3sux7RXqtP&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_22=14911-7362372181454899982; PugT=1623589753; PUBMDCID=3; SPugT=1623589755
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 13 Jun 2021 13:09:13 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 13:09:13 GMT; path=/
x-lat
amspug010:0:335
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-n2wtq
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=tw3sux7RXqtP&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=25e28020c6f79031; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 99D7
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=14019c9d-3110-4415-baa2-e30d970fb2ca-tuct7bf88fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=14019c9d-3110-4415-baa2-e30d970fb2ca-tuct7bf88fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=14019c9d-3110-4415-baa2-e30d970fb2ca-tuct7bf88fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=14019c9d-3110-4415-baa2-e30d970fb2ca-tuct7bf88fb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sun, 13 Jun 2021 13:09:15 GMT
via
1.1 varnish
x-served-by
cache-hhn11526-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1623589756.520190,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=14019c9d-3110-4415-baa2-e30d970fb2ca-tuct7bf88fb;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 13-Jun-2022 13:09:15 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=14019c9d-3110-4415-baa2-e30d970fb2ca-tuct7bf88fb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sun, 13 Jun 2021 13:09:15 GMT
via
1.1 varnish
x-served-by
cache-fra19156-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1623589755.312922,VS0,VE67
x-vcl-time-ms
67
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 32B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KabuSGIRSAqM3D0KyqMkOQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KabuSGIRSAqM3D0KyqMkOQ%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 06:44:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-2080-5c3aeac410031"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=23353
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2586
expires
Sun, 13 Jun 2021 19:38:28 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dee60c6-037b-4700-a898-28b1f6735869
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dee60c6-037b-4700-a898-28b1f6735869
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 13 Jun 2021 13:11:08 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dee60c6-037b-4700-a898-28b1f6735869
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Jun 2021 13:11:07 GMT
mw
mwzeom.zeotap.com/ Frame 32B2
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=29A6EE48-6211-480A-8CDC-3D0ACAA32439
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=cde3c64e83752fd6a2772dcca0882789
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=9fa87f2c-4559-4203-bc03-c7a21252b472&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=68a6d1aedcff4502
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79a9c658-8253-4d9d-5710-8e13048e54f6&reqId=039f1034-0fd7-4368-4272-07f1a8595486&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEDo_OpKoeOGfeWEn5eyZovg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79a9c658-8253-4d9d-5710-8e13048e54f6&reqId=039f1034-0fd7-4368-4272-07f...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEDo_OpKoeOGfeWEn5eyZovg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79a9c658-8253-4d9d-5710-8e13048e54f6&reqId=039f1034-0fd7-4368-4272-07f1a8595486&zcluid=68a6d1aedcff4502&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65eb8d6658281f39-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0aa716b3fe00001f3996330000000001

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEDo_OpKoeOGfeWEn5eyZovg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79a9c658-8253-4d9d-5710-8e13048e54f6&reqId=039f1034-0fd7-4368-4272-07f1a8595486&zcluid=68a6d1aedcff4502&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjlBNkVFNDgtNjIxMS00ODBBLThDREMtM0QwQUNBQTMyNDM5&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjlBNkVFNDgtNjIxMS00ODBBLThDREMtM0QwQUNBQTMyNDM5&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:397
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyafR9K7t8YA9BMP5dX71M&google_cver=1
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyafR9K7t8YA9BMP5dX71M&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:525
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyafR9K7t8YA9BMP5dX71M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 32B2 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 12 Jun 2021 13:09:15 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2c9260c6-037b-4300-a2ef-0017ba0190d8&gdpr=0&gdpr_consent=
42 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2c9260c6-037b-4300-a2ef-0017ba0190d8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:14 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:401
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 13 Jun 2021 13:11:08 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2c9260c6-037b-4300-a2ef-0017ba0190d8&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Jun 2021 13:11:07 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5732227715315718058
42 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5732227715315718058
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:13 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:379
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5732227715315718058
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e63cc43e-7d6b-4530-97b2-7c036c50e96c
42 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e63cc43e-7d6b-4530-97b2-7c036c50e96c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:14 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:566
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e63cc43e-7d6b-4530-97b2-7c036c50e96c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8905366246266292173&gdpr=0&gdpr_consent=
42 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8905366246266292173&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:332
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:15 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.183:80
AN-X-Request-Uuid
0a3ad787-7201-4410-99d9-21caf2060de6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8905366246266292173&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
29A6EE48-6211-480A-8CDC-3D0ACAA32439
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 32B2 		43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29A6EE48-6211-480A-8CDC-3D0ACAA32439?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29A6EE48-6211-480A-8CDC-3D0ACAA32439&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QrQQ2r1E2uWm_525ST5vy_4lWgMmYiw-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QrQQ2r1E2uWm_525ST5vy_4lWgMmYiw-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QrQQ2r1E2uWm_525ST5vy_4lWgMmYiw-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Hmt8RhhoKBIFbnoUSWMyEx5vLkQFaHsRSW87_rfc
42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Hmt8RhhoKBIFbnoUSWMyEx5vLkQFaHsRSW87_rfc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:515
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Hmt8RhhoKBIFbnoUSWMyEx5vLkQFaHsRSW87_rfc
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMYDewABvdrhhAA4&gdpr=0&gdpr_consent=&_test=YMYDewABvdrhhAA4
1 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMYDewABvdrhhAA4&gdpr=0&gdpr_consent=&_test=YMYDewABvdrhhAA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:14 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:401
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623589756.680829,VS0,VE0
x-served-by
cache-hhn4074-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMYDewABvdrhhAA4&gdpr=0&gdpr_consent=&_test=YMYDewABvdrhhAA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f535ed4d-bc80-4400-b5e5-d526aa8b9960&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=bb453be9-77a5-4824-a8e3-4663208b396e&expires=1&user_group=5&ssp=pubmatic&bsw_param=f535ed4d-bc80-4400-b5e5-d526aa8b9960
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f535ed4d-bc80-4400-b5e5-d526aa8b9960&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f535ed4d-bc80-4400-b5e5-d526aa8b9960&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:14 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:512
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f535ed4d-bc80-4400-b5e5-d526aa8b9960&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 13 Jun 2021 13:09:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7362372181454899982&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7362372181454899982&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:13 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:376
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7362372181454899982&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 32B2 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=29A6EE48-6211-480A-8CDC-3D0ACAA32439&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a21b4a58-83c3-49b7-b2dd-4c344bf60956&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a21b4a58-83c3-49b7-b2dd-4c344bf60956&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:382
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a21b4a58-83c3-49b7-b2dd-4c344bf60956&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:272
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:15 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1082203800404637719
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1082203800404637719
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:18 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:331
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:19 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.153:80
AN-X-Request-Uuid
5f6fdbe4-d3aa-4b5b-a2ab-f3c73229efba
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1082203800404637719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 32B2
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4af2bd86-5788-4a79-b61e-6ac9c31e270c
42 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4af2bd86-5788-4a79-b61e-6ac9c31e270c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:392
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4af2bd86-5788-4a79-b61e-6ac9c31e270c
date
Sun, 13 Jun 2021 13:09:16 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
quantumdex
sync.quantumdex.io/usersync/ Frame F76A 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4efc7d252da8041b4978983ee9ba9cd5d1bf8b45fe8fb2eec7b0b064aba20841

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
text/html
set-cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45; expires=Sat, 03 Jul 2021 13:09:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0aa716b20700004d8a8c849000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Sn9utSh7Yjtvnp7UiBhdMGkPaddzx0yLngqWO2sfKPghllslqY1J8bBQVAfIdbZ9GPDGn80iSJ20SOsktdL6RvzB%2F0RyU%2Fc0W6zoR9Yk2Tgoa3JQiyH%2B80VAMXctut0wvwaP6BD5Wd7dEXw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65eb8d633a914d8a-FRA
content-encoding
br
e-planning
sync.quantumdex.io/usersync/ Frame 5E99 		3 KB
920 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a5a2a41ecbe0eed8946bfafc8f335dc6f4f09190e8de0cd669a80e4ff02f4e

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
text/html
set-cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45; expires=Sat, 03 Jul 2021 13:09:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0aa716b20500004d8abf15d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xe9KTKls%2FtOV34db8u1GZU3Vo7YC4hPluojzgL0h1MyCqPFPCxMdDfygRNMmQRC0cB0VJVycOB0kEX6iV8rjxHozRelWo435I13dTMen%2FzUcXdPkVt6WZ8Y56Iv3HIyjXMLewi2oPSgYfNA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65eb8d633a874d8a-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame A875 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af2c7c420a87f4f4d31e5b3a4e2dfcb358de06ece39345c26cd37b5589a7d6b

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
text/html
set-cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45; expires=Sat, 03 Jul 2021 13:09:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0aa716b20600004d8acc396000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s8ZJe6RoxUD%2F1%2BCWzdcmiggehKBkljdyyjTa676pQR2QNDf6T%2B%2BvLTHkEziD6lkWWUEjgiSJJpcIMd%2FpJM2mk4JPR19OGC8Kc0FMP3T8t8Qm4pDBm%2Ba7e6L2khWtMT4vrDQBcsJPAUWqZYs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65eb8d633a8e4d8a-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame FA1E 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6c3c0258f6a952287f3afe1eee1782462b45c008b19223061bfe2498a73bebb

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
text/html
set-cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45; expires=Sat, 03 Jul 2021 13:09:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0aa716b20600004d8aad094000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hKOCF3p0aZPbePd2pZy4K2I8C%2FPwFBah0CKyVs3PCrzBFv9TcG6OKg4aNsbiUB0h%2ByYH51yVvspRWOppSCyQxPBk8y67NgeknaBPUEtNieBmGBnELYMyMTzbQMjBnwfy5mHczn%2Beh%2Fo44Po%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65eb8d633a8b4d8a-FRA
content-encoding
br
e-planning
sync.quantumdex.io/usersync/ Frame AF5B 		3 KB
921 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188f0840c96ccad75b8b74a4ba4e4acbd6008dbb5cc0f36c96758afd983510fa

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
text/html
set-cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45; expires=Sat, 03 Jul 2021 13:09:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0aa716b20600004d8aa8280000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hh5P6yML%2BRHwOSQJ%2BxAEHq27fddGaZhDZN2pcoJrvTLjumJ190eFNkqQQU%2Fxsy3oas98plTb%2F0b7uuPA5chXK2T1wnFPHcxywp7jF4OaQybLBRmhu6%2FkGDZqrLCBRUFDop1Wd7r1WxXCrpM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65eb8d633a8f4d8a-FRA
content-encoding
br
e-planning
sync.quantumdex.io/usersync/ Frame AFFD 		3 KB
924 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d502e54f341e2d36893401d88cd06d9141c96fcd6a3ae4dea01bf79d537295

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
text/html
set-cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45; expires=Sat, 03 Jul 2021 13:09:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0aa716b20700004d8ab915c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EY6RwG3QDl3Q6kWf4bBadeYx0rS3RLUuy%2BA2fVwIH6Lb7V5iS0ae4KQcc1KUDI0%2B%2BjhWyiDgsvEuOgPplegmHxrZFjmQRqyJ8JXvXOIVdxTgT%2FFoIfZWXBeJRzUkN4I2j5KiSoAE0W3jVRE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65eb8d633a934d8a-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame EE3B 		4 KB
1022 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2d26753a8677d6b64a5e46fa42767f81a35f669887d44ca671fe7b7cdfff89

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
text/html
set-cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45; expires=Sat, 03 Jul 2021 13:09:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0aa716b20700004d8a1db41000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hAdzNEGK9E4kAoDW7P1lhcAvtzFtUN6%2FOfTNhARsdGGhzqjr0VVyYSgBaFbNHuNXKV5fjvH1%2BwQ3UlOqT4SxuOkCSBJFdS8lOaErUBpeyzDgt106OJDxAHbpRt5Gw0G2tlD0hU5wDmM0CNM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65eb8d633a954d8a-FRA
content-encoding
br
e-planning
sync.quantumdex.io/usersync/ Frame 77C4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49d137c2a2281481575b296e354511d2552acb7d7671539d1a3298242282b31b

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-type
text/html
set-cookie
uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45; expires=Sat, 03 Jul 2021 13:09:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0aa716b20700004d8ae2ba8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vaBcqrcyqhEdpVUvWy9XNvo4BbWgrQ1JRtWVu4tgYS%2F0EKD6rEeCd%2BP%2FXrt1z6RZRVNP6kEOVljxKkE2U6lYwUAR9Y8OSt7NbUyMxkvWfhAfWzO9J0Y1P71RMfIeDcYA8DNxSmTzzcD4ssU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65eb8d633a964d8a-FRA
content-encoding
br
um
sync.e-planning.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-uzwI9i5E2uHJVNmpdv_PDf8CE7cdUmgWudsEKOg-~A
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-uzwI9i5E2uHJVNmpdv_PDf8CE7cdUmgWudsEKOg-~A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-uzwI9i5E2uHJVNmpdv_PDf8CE7cdUmgWudsEKOg-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3Ddd133f9ec00aa7ed
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=dd133f9ec00aa7ed&uid=020000005D03C6600F16BE70027CC6E2
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=dd133f9ec00aa7ed&uid=020000005D03C6600F16BE70027CC6E2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=dd133f9ec00aa7ed&uid=020000005D03C6600F16BE70027CC6E2
date
Sun, 13 Jun 2021 13:08:45 GMT
server
nginx/1.20.1
content-type
text/html
content-length
145
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3Db09cf0e4f38e45d0
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=b09cf0e4f38e45d0&uid=020000005D03C6600F16BE70027DC6E2
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=b09cf0e4f38e45d0&uid=020000005D03C6600F16BE70027DC6E2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=b09cf0e4f38e45d0&uid=020000005D03C6600F16BE70027DC6E2
date
Sun, 13 Jun 2021 13:08:45 GMT
server
nginx/1.20.1
content-type
text/html
content-length
145
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
setuid
sync.quantumdex.io/ Frame 77C4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-jUKq2ehE2uF2tsryYPctqtxdhEb9dprr.klIXAU-~A
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-jUKq2ehE2uF2tsryYPctqtxdhEb9dprr.klIXAU-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CKMBJjbBQC27P3TCV86WeLF%2BCrrQ2GAf0SDBAnZI%2FEcxa3n6fTj0LiaUhPVdnbLgT7scywkPPue%2FOFy5yeaohUBkXpoYZdoxTSyA5HjGFL8cjuqJslvORL25bwwb4NNG6IC%2BoBWdyNSPKLY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d65b9774d8a-FRA
content-length
43
cf-request-id
0aa716b39000004d8ab1aaa000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-jUKq2ehE2uF2tsryYPctqtxdhEb9dprr.klIXAU-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 77C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533308008613450893
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533308008613450893
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BX4gS5uA8mqx6KwpUh8qEKyBhozXRPdFTvgL91C7u41DNXtWxRx5HGykg4I4A5F2zRoylsRhRs3VUGqabBKyTY9itUAlSrzZqJDBJg4jGDA3m5y9%2BiDPyRAINjP1k%2BjzddEBDRpy6ZGTxrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6899744d8a-FRA
content-length
43
cf-request-id
0aa716b56200004d8abf1bf000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid
c794cccf-0888-4dcb-bc72-9db45f6da6d8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533308008613450893
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 77C4 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 77C4
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RNbkZNQTncrXC0xu9zu939Zg5rHXCEy3chETNlXvuFxYdVXwnLKYHZ7AqYcQXKUPFyIzuLEhkepmp2h90qOH70R6kIsjH0kw4cRvp4l9GI96l5ZJzFcewAr7jnE7LrqzQ8k0csejAu7%2BSTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d79a8714d8a-FRA
content-length
43
cf-request-id
0aa716c00800004d8abc963000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 77C4
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ua0YxxJjtbPzrt7BKkoEcfT21J9ZY%2FYD1SSXIxr7AF6otlUSUmiYbIE2XbT9htWBCo98w16g5hVDSC3kgPsK4GstIZJNW%2BAuw1h3KO%2BY17aS4j%2B%2B6ck9fKGnzJzNQJJpeoSy%2BsJl9J%2BrqjM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d797ff94d8a-FRA
content-length
43
cf-request-id
0aa716bfeb00004d8ad793b000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame 77C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3666078660506942530
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3666078660506942530
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7AdNTsye6R7l4GQx0w%2BpNlKIdWW1IIpdaLa1MDtSW1B5Z4HZVF1VIQweQnpFgkLjMFuw1SN1Xk1NoUtUktVm7rfqnDx2mAw8ry88BS12PW80QahDUsEnZs8xH%2Fwmb2WNPXvlW6bsMrfhfsY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6899804d8a-FRA
content-length
43
cf-request-id
0aa716b56400004d8ae5911000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid
b21b9929-8d24-45cd-b89d-791fcf07312d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3666078660506942530
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 77C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6894404040182076459
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6894404040182076459
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4g1gvF1gNldz0lLsWqLUx3JKjDg52y%2FRMzrpYZBKHcB%2Bab45YijYmU0D3Op4zxA26oa8V0E7FApTpEZAcz5EF61km6N7YQs2u50qHyXyc0ACsLinFDpQgURarqznfxydAnb7BCZr%2FoFDy5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d68ea364d8a-FRA
content-length
43
cf-request-id
0aa716b59200004d8aa82d4000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid
afa9ae88-e754-4fb5-82a7-6d9fdb2f6a9f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=6894404040182076459
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
sync.e-planning.net/ Frame 77C4 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 72D0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a961b697abe9acd4ee5a907649a05a0b546626f3a77afb135e5b9d98d276029c

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMYDfFLsWAKiTepFLQBxjwAA; CMPS=5167
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|13|10|152|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1830
Expires
Sun, 13 Jun 2021 13:09:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfFLsWAKiTepFLQBxjwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMPRO=1161;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMST=YMYDfWDGA30A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 13:09:17 GMT CMRUM3=2d60c6037d05a0&2760c6037d0b40&0a60c6037d27600&e660c6037d2760&9860c6037d05a00&0d60c6037d05a0&f160c6037d05a0&2f60c6037d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 13 Jun 2021 13:09:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfFLsWAKiTepFLQBxjwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:16 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:16 GMT
/
ssc-cms.33across.com/ps/ Frame B8B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP001
date
Sun, 13 Jun 2021 13:09:22 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame EE8C 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 13 Jun 2021 13:09:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YMYDg; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame ECB5 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame AF5B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FszR%2F%2BHImX5TGKG2BFvuMnp1yI3V3SpemaHHxebYMGFNwdUDgnqE3JS941j0Omhi1bzUlVimj4HSiXrejpJThjzNNUBt37sw6lhO0Dy4qyXupeBnzMcmdpxqmSXpwHyCRwc%2FIwVD2OiBrno%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d79a86d4d8a-FRA
content-length
43
cf-request-id
0aa716c00800004d8aaf910000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame AF5B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5584759057284077966
43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5584759057284077966
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D%2F7KWANP6x7mq4BL7qRzB9x0zDhAgFzSusBrXdhBI0zd5%2BQFoBv3D9uZhxNEAH09%2FWgFKmAHKFleUSmaERMh4R8bdUqAIgztg%2B%2FFbAw8Kodp6UCWlOYhhAPWV5TJSY1honbliKruXrF5DWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d68fa5b4d8a-FRA
content-length
43
cf-request-id
0aa716b59900004d8ace860000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid
fc48646c-8fef-4a77-be22-cfe56d07fcc7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5584759057284077966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AF5B
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ukZSmBRney8KRTXDhdG795rEddyxptYe%2BjwZs%2FD019EZ3qhEBZf%2FMFK4riCrepMVQrokvr9P2e%2FWGxAll5q5mVRXEOJXiggdXVmuCpKo8AhDkF0c5jYgGMXU5w9IPJagY%2Bv6DaVS44RvTpA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d7a39e64d8a-FRA
content-length
43
cf-request-id
0aa716c06600004d8a8e1ee000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame AF5B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7921775277216546723
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7921775277216546723
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ILrw2qCkQs%2FJLZOlSILPXOnI2PiNM3FVD1Ui%2BXHXUD52q8JcUGUhEPbWMjUZJOBQBPqb02pUJWAFUXfVqDRvcBODmD%2BPBNu8gN2GVohc7m11jzbIiQCTtvYkS5z3XkDnnKF3byKTNqJBUpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d694afe4d8a-FRA
content-length
43
cf-request-id
0aa716b5c900004d8a9dbbd000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid
bb67a73b-8702-4d19-a4f0-53f1a15a199a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7921775277216546723
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AF5B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=9181297625481880039
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=9181297625481880039
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tezG4DStU4zY0v5P2wyMIpzcbfgYmYrx%2B9fFf3T%2BD6C6Njc66ak2WCS0Efv9TRD9FPqJuxBeP26Ixqa0YIkaiHlJq7%2BQpRohFOoBCMJy2hIjWxmXByWYnn8B%2FmXe6UsYCwKEqwjgUBDzIEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d693ae04d8a-FRA
content-length
43
cf-request-id
0aa716b5c100004d8ab32d9000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.147:80
AN-X-Request-Uuid
b7aa986a-37ad-4005-9b84-3e327e5d2050
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=9181297625481880039
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AF5B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RqVTflpE2uE_k5usMcr3ygldc3ZrJuN31ZYqqik-~A
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RqVTflpE2uE_k5usMcr3ygldc3ZrJuN31ZYqqik-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=52r24ym%2F8Xo%2FO1H810eP%2BXlQeO6TE5o8ikMoXmoQw7Kk8G%2Fma34dn5eO%2BHiycW5DqIoedTsVGD%2FGKWUm4ePqmvOKf%2BCDrtRFVpav%2B9HP3Rb7tnuu4hmqhRY4FHBGhCYM%2BBYc77T9cIgVuys%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d65c9b64d8a-FRA
content-length
43
cf-request-id
0aa716b3a000004d8ac21a7000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RqVTflpE2uE_k5usMcr3ygldc3ZrJuN31ZYqqik-~A
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame AF5B 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame AF5B 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 22BD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
516fd3487ab903e6af741952f98741183332fe46abd277b62d2c4a325a6f9460

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5167; CMID=YMYDfFLsWAKiTepFLQBxlgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|221|152|13|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1870
Expires
Sun, 13 Jun 2021 13:09:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfFLsWAKiTepFLQBxlgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMPRO=1176;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMST=YMYDfWDGA30A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 13:09:17 GMT CMRUM3=2d60c6037d05a0&2760c6037d0b40&be60c6037d05a0&e660c6037d2760&9860c6037d05a00&dd60c6037d2760&0d60c6037d05a0&f160c6037d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 13 Jun 2021 13:09:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfFLsWAKiTepFLQBxlgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:16 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:16 GMT
/
onetag-sys.com/usync/ Frame 358F 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set uc.html
sync.go.sonobi.com/ Frame BB9E 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 13 Jun 2021 13:09:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YMYDg; path=/; domain=.go.sonobi.com
/
ssc-cms.33across.com/ps/ Frame 1EE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP002
date
Sun, 13 Jun 2021 13:09:22 GMT
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8gcroZXOXYtzsJP%2FjaEtk837kpPv19f4wOZWNKmLAl2p5p0lNziaJG%2FxsJ%2FIL1qYROXbwy4WSc8oWNwqQNQhcf4ffouoSfXZRyuJUO8ewOyXgo4fnaEdGz7byJYyBj%2BaWBwgJA095eGoUh8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d7afbce4d8a-FRA
content-length
43
cf-request-id
0aa716c0dd00004d8ac2318000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8140979084321353528
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8140979084321353528
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8wPVwyvVc%2FnSP8LlqTosz7SklBaFluO5WhehE6TtyzoXvvJbD8bhdm0qmTd7CstZV0amTBYUXTVczRiYTfG06dqJFrELabTO0KnB5z2Zlp%2FFp1SGOdy0n874VFBEfpj%2B73%2BbHDmZuDLvUIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d698b9c4d8a-FRA
content-length
43
cf-request-id
0aa716b5f100004d8a9dbc3000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.6:80
AN-X-Request-Uuid
7842508e-66ae-47a2-bfa8-44ade5fcdbd0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8140979084321353528
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5550114133098968928
43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5550114133098968928
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QacNQmT4as%2BvVUJH3nwBJKJuFMMAN%2BxY%2B%2BP3uP2IZP8OXnFz2uUACQrthvwf2ieuKkovJtsbWMG1zLVdGuMWA0T7qzJUPRYOh2RRhmRy%2B566wW%2FT%2FpUl5wG9XBMNy0t1gK35v349jeuCMxE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d698bb64d8a-FRA
content-length
43
cf-request-id
0aa716b5f800004d8ab7b98000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.42:80
AN-X-Request-Uuid
936944bd-d988-4641-a281-18670b3942c5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5550114133098968928
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4872801305260294598
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4872801305260294598
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iSluIqQ%2BvE3U7eWAwov1TkXKxiIBFklBvB%2Bd174iZq2J7TAmHkYe8OI8ls3LHkyxkaLP4z%2FyuxGwG%2FV1zTj9OWB2ydBiRu%2BTWCafguOy2sWbyaDCgZl83NnDceO6mtMRfVW0qlXSSZiLyK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d69cc514d8a-FRA
content-length
43
cf-request-id
0aa716b62000004d8ab6340000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.6:80
AN-X-Request-Uuid
34315585-405e-4982-902c-f410b7a0c10a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4872801305260294598
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-35fdbae6-5a49-4e98-b371-decbd3a23e42
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-35fdbae6-5a49-4e98-b371-decbd3a23e42
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3zSbRTXBQIOE5JTnngYirEEIQhtqJzBSqWQGpboCYTzucGn1oM4M%2BW0otUoRQaKlc3TgyHn6QOYYttzepOEX2yGf5Y5aAPGF9dFl5o5TYSFRgG8CnbyffY%2Bru473s8UDZvnXCRODZGFxQ%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6838674d8a-FRA
content-length
43
cf-request-id
0aa716b52200004d8ac73dd000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-35fdbae6-5a49-4e98-b371-decbd3a23e42
date
Sun, 13 Jun 2021 13:09:16 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-BHbtb3ZE2uGq2GDXC0BtWrKNIpYWemvPDmv8UJQ-~A
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-BHbtb3ZE2uGq2GDXC0BtWrKNIpYWemvPDmv8UJQ-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WQgjPPL8U3MI7x8ZvrHBbSJoD6DEJtaqbr4MW1zWbthLvPALFuEYpXMUYysgk8EmzfrAIHky5XFPYK4BtgdVrFTj7ggkQqZbU5Y3j6kzKdcjtVsVS7WCaesO8DTkqiyEzYeOldqbaamSrjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d660a524d8a-FRA
content-length
43
cf-request-id
0aa716b3c200004d8acc3b4000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-BHbtb3ZE2uGq2GDXC0BtWrKNIpYWemvPDmv8UJQ-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3b172767e1479757c4d3b398
43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3b172767e1479757c4d3b398
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Jyi0Fd8oJWfRmMxUdw7mn%2BcVsZw0WhxzS3g%2B2bcKPdclakqTr7LriacdJdWhhBVvwxtJtReNMXOI4vYqAiG97P5EjOdMaEtIeKmVnmKWVeFjeYPmsVYIewL%2F4GyV8AAa%2B9%2BcndR8fHs7lBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6e89e74d8a-FRA
content-length
43
cf-request-id
0aa716b91400004d8ae2873000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3b172767e1479757c4d3b398
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=thtdZLj9w%2B6U7q%2Fn6E8cD9N%2BLXO8c0Afir7xrgy4MwrT0S%2F9zjiVeX3lGoy4oWIPrMtRP4GVx7PBdJEZrNrXM8IlD9R4j081C9mCD4Qt1%2BcPkzDFfMP6W%2FnDl5s9FKUDAAQTZYr99Y6%2BdkM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d68fa594d8a-FRA
content-length
43
cf-request-id
0aa716b59900004d8ac9a93000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:16 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame EE3B 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=76a151be-6d7a-4b11-85b3-000f5c11f684
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=76a151be-6d7a-4b11-85b3-000f5c11f684
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BoKVLFjhEyt5bF2uogCVLqQ%2F68qMDHjJQrjtRYy9YKzNNDczIwOXq41FKKe0a9BEdElfqeE%2B2%2BQgrI%2Bm72n75YogRatbz%2BxHCt5CaHwRniKGDyCDVBpcFvxQATQj8IvfuAcJ75dYz%2FhsCTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d651fdf4d8a-FRA
content-length
43
cf-request-id
0aa716b32d00004d8ae8bda000000001

Redirect headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nAn%2FX9zL8LEw9KvPQboCVlx8KwFHKfesBqGDQqjMpFHGMxOs47ZIOTUnv8izg2h201CvpG7eVkdTMhr%2BqaHw3LAwqKUpdmlga1nxBjbMOv%2FTw63udgkcENXt8u%2BHLAPMUMZ6wwy9juK4"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=76a151be-6d7a-4b11-85b3-000f5c11f684
cf-ray
65eb8d644dd04d8a-FRA
content-length
0
cf-request-id
0aa716b2b000004d8ad1a63000000001
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PsBkPQZiGli7CYc6CKRqSSyPTPbc%2FRFEGvWOhba8JKVYNZexkDjJvALyB1zkGj5iPhy2ie7XwiajtwqbY7U7rJd3P%2BVNRUKQTDicUlT2BGVd3nT5aQIFbwc%2BeAxBng%2Fk7gB2tygbMqoH%2Bhk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d79d8da4d8a-FRA
content-length
43
cf-request-id
0aa716c02200004d8a9b20e000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
onetag-sys.com/usync/ Frame A8B4 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5F49
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6a82f4875f43c7cc283cce6ce5188833b378a26e8bf9bd49f6da9b1f426004ca

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5167; CMID=YMYDfHPqOiYwYblFm1JKBQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|73|41|190|31
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1823
Expires
Sun, 13 Jun 2021 13:09:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfHPqOiYwYblFm1JKBQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMPRO=1154;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMRUM3=e660c6037d2760&1f60c6037d05a00&2760c6037d0b40&2d60c6037d05a0&be60c6037d05a0&f160c6037d05a0&2960c6037d05a0&4960c6037d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMST=YMYDfWDGA30A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 13:09:17 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 13 Jun 2021 13:09:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfHPqOiYwYblFm1JKBQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:16 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:16 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 224A 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 13 Jun 2021 13:09:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YMYDg; path=/; domain=.go.sonobi.com
/
ssc-cms.33across.com/ps/ Frame 7AFC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP005
date
Sun, 13 Jun 2021 13:09:22 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FF48 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_22=14911-7362372181454899982; PugT=1623589753; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=23353
expires
Sun, 13 Jun 2021 19:38:28 GMT
date
Sun, 13 Jun 2021 13:09:15 GMT
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame F76A
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=5d1a4580bed4b91d87e46c62
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=5d1a4580bed4b91d87e46c62
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1dRo9NnRKMZekcrPLmlFK8LCaxlyPmi7kNK%2F11mzAtfZFTtZJlJhFOMSSunCuFjxsFBSS%2FwcHF21kDeFlUuJHShk%2B6dEz76%2FhF5CMt2cmKJKja1WzIA%2Bzjm6ZjYiBvolk1OVWidHXbxqsIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6eba484d8a-FRA
content-length
43
cf-request-id
0aa716b93000004d8ad7875000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=5d1a4580bed4b91d87e46c62
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame F76A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1531160393633334692
43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1531160393633334692
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MAUXzCAFaw6qFNlNaDjk8ATkdoNrV%2BTKVymAVuo5sTnYZS4LHVXLhZlmw6QCxBQ9YoOFgb7YPOrDk2qgqTUhEpjJ4luKJUntxe60fMXbwJFcJK1F2zw5OO8C7yF7hUsGRQRqG9%2FiUrCqy%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d69ec7b4d8a-FRA
content-length
43
cf-request-id
0aa716b62c00004d8ab21eb000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.49:80
AN-X-Request-Uuid
139395fb-6019-4572-8423-3b2f6b0c04ab
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1531160393633334692
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame F76A
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8e48f70f-cc48-11eb-b24a-0689dbab2d22
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f70f-cc48-11eb-b24a-0689dbab2d22
43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f70f-cc48-11eb-b24a-0689dbab2d22
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gN1GZ9I%2FRlkHCPmYsB%2BuH3mEC1gNSJcYih0UKgFC6OsQca%2F4UppSuo%2FvqmgZ8I%2BYrHq0d8PcN0H%2BchQOeJ7%2FXRi%2BbT8%2Bi%2BhP8N%2B4Nh7uJMXSid1VTrtDi2RxzXs9BAKSsbMCaiFMirOu6Go%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d68fa564d8a-FRA
content-length
43
cf-request-id
0aa716b59900004d8ae5917000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:16 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f70f-cc48-11eb-b24a-0689dbab2d22
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame F76A 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame F76A
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=06695837-ee96-4148-a9a3-000a2f8bf10d
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=06695837-ee96-4148-a9a3-000a2f8bf10d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xMEfSy%2Bg4fusWnYQXywC7Aus3eH1mHwZSC0l%2FN1MLwrhK1e7NsFDLIptC2Dnj6ro8cIR5EKq0IXGeC0qCnPIOsfySmN82Bsdia50zj0it8wuh99FsedG9o47yg5ay%2F2zpOASM8t0O1omOhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d651fd94d8a-FRA
content-length
43
cf-request-id
0aa716b32d00004d8ab62ef000000001

Redirect headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AM4n11QT9cg69RO2ZLvZ87dFupsJlxalIjdEZHessf2Yxg4IjLtxs2nCaClJ2cKtJrjHks9qbOffZs24tyYIt55VDt%2Fo1yCNDI4pTl4NqV4EjAQVjeU9INZZMVovuOOkmBz%2F4cQSGmbM"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=06695837-ee96-4148-a9a3-000a2f8bf10d
cf-ray
65eb8d644dd14d8a-FRA
content-length
0
cf-request-id
0aa716b2b000004d8ac9a4c000000001
setuid
sync.quantumdex.io/ Frame F76A
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uTnEZWnxrmORuM9sBTnVkjBmuh24v6rcHWKRfactbTqfUoQh2h%2BhJ0ygPQb%2FELC2usYEJSUV8nqLDZNq2qXiG5%2BG1fzYGsrjHovnjAcvzfb0QxCWa5pGsSaplorkUSqcwDgt7hueHE0QI50%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d79a8724d8a-FRA
content-length
43
cf-request-id
0aa716c00900004d8aebbbb000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame F76A
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GaJKrZgX9NuTxM9ado6vd6ifcrR5TjdptTEbzGc%2FrvJYlY6N38bVlxUsc3mR0TlhQfjYuj5EFd2H3l7WRmVM0sWvMT56gNhsSRz%2BgfO8fmKdqodf9Ais1viRokruYjRWz3XcuII%2FCLtYXeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d7bbe124d8a-FRA
content-length
43
cf-request-id
0aa716c15700004d8aaf92b000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame F76A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=353978007415450317
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=353978007415450317
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=enaDnCH8w0kaOR9ECa2nD6XMsLBExn7fJrdkh%2FBC%2BcZZPL8JD5ZL%2FBYS%2F1akrAkaFRovqOujR5NuksLkMJGl0%2Bm4lD9BEWTOKrhCBKHiBYefLWGJYlhQ%2BcoH2nWDRgeuxjYgH5Dw0EKchI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6a1d184d8a-FRA
content-length
43
cf-request-id
0aa716b65200004d8a90beb000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.179:80
AN-X-Request-Uuid
a4ef342f-5de0-40ad-a9c4-f64090df9574
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=353978007415450317
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame F76A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1141823912966532412
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1141823912966532412
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=g48gMGWBpiRezrDrcNBoBY2LgmlFNt9Pemx%2FYGg%2FUmCS5ILQ%2FnwAnt9s8PPPxP%2FoI1fnHeGv4mOYD7owgWms620z8K061GIkSL3uobwqJ1ZI0TVbGhesWPK5EPLGwob238Hn113XuI25Lrs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6a2d3a4d8a-FRA
content-length
43
cf-request-id
0aa716b65d00004d8aba8b2000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.147:80
AN-X-Request-Uuid
be251bd7-a74a-4637-add6-3c3d4bf6eb1d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1141823912966532412
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame F76A
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-cf02db6b-553b-4724-b1be-b032009dc726
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-cf02db6b-553b-4724-b1be-b032009dc726
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aP74VvMlaJyvAcdndo0Q0Ce5YAojAclvl34dk8x0sRORSbDmbIyFzAEX%2FPgKXQnnzK1ErwxPanRqHHcMrIOC68AgeTPXKMU4QRINM%2B%2FHL57fe0si2FUo5rXgLllmwl%2BMUV4oIZK75Dsk5kA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d68386e4d8a-FRA
content-length
43
cf-request-id
0aa716b52200004d8accbf3000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-cf02db6b-553b-4724-b1be-b032009dc726
date
Sun, 13 Jun 2021 13:09:16 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame F76A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RqVTflpE2uE_k5usMcr3ygldc3ZrJuN31ZYqqik-~A
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RqVTflpE2uE_k5usMcr3ygldc3ZrJuN31ZYqqik-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HagFhbNextVXy9AJG2R%2BRbIPvFJbGB6vkmoGD2gbJvjm2XxfuMKllNmUXSyLeW6EVfCqyh64ofNsN%2FX9gbfUhwgWu5QTNRsdYJw1tzuafZrW2Ervf953ECwt0iYwc0ZMPpxHJNG986VneE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d66cc7f4d8a-FRA
content-length
43
cf-request-id
0aa716b44200004d8aa82b3000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RqVTflpE2uE_k5usMcr3ygldc3ZrJuN31ZYqqik-~A
Connection
keep-alive
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame E7A6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
12afca00f5c63f6ef092db7eca25a64664936fcc4034cb5c05cc17bbd89badd8

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5167; CMID=YMYDfCgCVyYpZwlPHzN22gAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|45|39|64|152|57|31
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1700
Expires
Sun, 13 Jun 2021 13:09:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfCgCVyYpZwlPHzN22gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMPRO=1196;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMST=YMYDfWDGA30A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 13:09:17 GMT CMRUM3=e660c6037d2760&9860c6037d05a00&1f60c6037d05a00&2d60c6037d05a0&2760c6037d0b40&4060c6037d05a0&f160c6037d05a0&3960c6037d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 13 Jun 2021 13:09:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfCgCVyYpZwlPHzN22gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:16 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:16 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame BF62 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 13 Jun 2021 13:09:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YMYDg; path=/; domain=.go.sonobi.com
/
ssc-cms.33across.com/ps/ Frame 24BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP004
date
Sun, 13 Jun 2021 13:09:22 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 97E7 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_22=14911-7362372181454899982; PugT=1623589753; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=23353
expires
Sun, 13 Jun 2021 19:38:28 GMT
date
Sun, 13 Jun 2021 13:09:15 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 78D6 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame FA1E
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
43 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Nx26KEFnCei3HBHIJufh3xsfIN1cCIC0HpHBLCKcdve%2B0u767IGkmJhS4a87BUZkQD0hOpqSECOrhW8uoXbi09ZwODOdb1hVOS5j6glr4SnolXCvC%2BsZOqstb5bTOkwU7dAM1MLmLPaCET4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d7c7fe94d8a-FRA
content-length
43
cf-request-id
0aa716c1d000004d8ad7972000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame FA1E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1781140674783350467
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1781140674783350467
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mveuD7lm08FYinab%2B8t27ZNIfgaUFmuRbtXryV99CVGp95fCSDKTLfMTumj1Lk%2FIMCVIUR8sWN4XQcYtd6aA21jNR0AOfCSCFXeEvyLYGqSZQ2yMmvyc7KcqoVlJkcdJK%2FAnkQqVPn13zmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6a6deb4d8a-FRA
content-length
43
cf-request-id
0aa716b68200004d8aa82ef000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid
e0e247c6-5309-464a-8ebc-ba4b335887a4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1781140674783350467
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame FA1E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=313683194098244285
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=313683194098244285
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PxcYoql0NLS56fg3SJ4YMmfnT%2BE%2FMYDW8JWwH5urIiMu6i8HSuIHLoHu1odL3OMdrMis4pqm8fLXwOTeyY%2BQPJr3MdxmXCIaBiSN9kAHgJSCQqlrs6dbiCrGGRAUxpuuIuFGGN339xT6DAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6a7e1b4d8a-FRA
content-length
43
cf-request-id
0aa716b68c00004d8ac9aae000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid
ff7f5579-f6bf-4d69-bc69-08e1979cd40b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=313683194098244285
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame FA1E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4460293866837164126
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4460293866837164126
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qIEcJjrymDQpRkmwh19vqoyvnX0JQlVjXBUwiA4cfiw%2BEI5zUpEvXYgeWwS1DMdVnMCVYtYGIyv9WWHKmpOxkd75F4E97rb6G4SNzblBPX%2F0JYxMjkndZcnvLCBa8fWxZRZ1Lk%2Bnvfp5k8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6abeb64d8a-FRA
content-length
43
cf-request-id
0aa716b6b100004d8acc81b000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.132:80
AN-X-Request-Uuid
7298f14a-3081-4062-879f-8aa122c6f12f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4460293866837164126
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame FA1E
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-96cbcd8c-fdc5-4db5-9484-1018f90e21d8
43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-96cbcd8c-fdc5-4db5-9484-1018f90e21d8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=X6LWISppRGM9UDH2J3vKLFsYt8IFUk9G%2FKyQY1ofZ0IyP0prf%2F1ylJ04cXqEYBs6aFG5IMR%2FGN8lfOh1nPn3Q4onI4P1N8axQm7TilI2zOJcNbD7EKtfWBNryccqP1EmqQ6%2FJhqHFGsliS0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d68386c4d8a-FRA
content-length
43
cf-request-id
0aa716b52200004d8abf1b8000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-96cbcd8c-fdc5-4db5-9484-1018f90e21d8
date
Sun, 13 Jun 2021 13:09:16 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame FA1E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-tqORMeNE2uHi.TkPrtH6cq2Hln_ylZ4DbfQmw9Q-~A
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-tqORMeNE2uHi.TkPrtH6cq2Hln_ylZ4DbfQmw9Q-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=La7k1RtMfTq%2Bk6XI4uGmljL7Yua1CFhXP6TndXd9u6Mlp0VsxqF%2B2a8BTmE2%2FfMD%2BuZuJpo7JjkOlOZf0oKcv2svD6PrP2kaKlEZfUpkEIqBvtvDMH8N1vqvsrRc%2B8XM6nCMw1w5ujhvYnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d661a994d8a-FRA
content-length
43
cf-request-id
0aa716b3d500004d8ac4996000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-tqORMeNE2uHi.TkPrtH6cq2Hln_ylZ4DbfQmw9Q-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame FA1E
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f629aff874861daeb0546f9
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f629aff874861daeb0546f9
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xAvEHe6nmftbIYuw%2FyeirfjK2654qFJttq8QvVuBsr2cEajX5jSK6x8KDYt9F5FikM564glamJBhnyCH3RzQw8RNqSH%2Bt2gf3Dnf4Y9ySOtT%2BrjIHs4Q%2B8TQa2FhG1aCytYO%2FIQzYRAVOBI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6eeaeb4d8a-FRA
content-length
43
cf-request-id
0aa716b95300004d8ab7bfc000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f629aff874861daeb0546f9
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame FA1E
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Fd%2Fp9so1%2FCyY4REdw7c25FIVX6jqTcbB%2BmPYK9ny3kW0C1qWSJWCm0v3cbB3hoyGY%2BkDgmXS%2B04PKX4LEsEgPsid6tUn8WHO5NS9K%2BXLa97b6%2B24q2BwyYOMzLnI9HMBVNnuRGbW08CmvhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d693afa4d8a-FRA
content-length
43
cf-request-id
0aa716b5c700004d8abe9ff000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:16 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e48f6d5-cc48-11eb-b9d0-02c7dda1a2b2
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame FA1E 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame FA1E
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JXujLtvXeMZJ8KUzh815xvGRwh%2BYvXAZD%2BzE3F6dKaEzAnGFfr0epeHelq8omCtDKO6bHAnHvoiCdZgYT0fn6Zcj3Fb%2B2TlcQbLIWCTR%2FXZnqze7zUY8ZvsXeYWUP%2FILQW1eubi0nUra%2FHk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d79d8dd4d8a-FRA
content-length
43
cf-request-id
0aa716c02300004d8a8c9ee000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame FA1E
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dce9753f-898e-4c15-9967-e478d4de08d0
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dce9753f-898e-4c15-9967-e478d4de08d0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sLMGpmkNSy64iLeZRjAVOHKGkXKxVOGovCHGpT%2FdUoY7f%2B3ba8a43RG0V%2BViTi%2FbHXXks0AaFmXW8lJ9vsijxNR42XHg00IlKfVXJuuji9R%2Br73JxISqZc5N%2BB1jwRI9PavE99dh6aUzM7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6879054d8a-FRA
content-length
43
cf-request-id
0aa716b54900004d8ab1ad7000000001

Redirect headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bPs44fh41UZ%2FR5AvlEH0NqWY%2Ffq%2BK8VU%2Fl7LBL92rbwur735JqSJ4TIDn3BuQtEvJX3U0iKcUPA2bNdPvp2TnPC3o26VDoIrhP8ilk22%2Fv%2Bzr1x6C2TWfHU12BbEhPuyMAVM1ilnR%2Flz"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dce9753f-898e-4c15-9967-e478d4de08d0
cf-ray
65eb8d67aeed4d8a-FRA
content-length
0
cf-request-id
0aa716b4c800004d8ace84a000000001
/
onetag-sys.com/usync/ Frame 990A 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bdb191fa1e8fca9543b7fdc62a4d35a7fc5b47d1b2293a7b84649b02c991219

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5167; CMID=YMYDfDKWVYdYuPun-RoZXwAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|196|88|188|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1739
Expires
Sun, 13 Jun 2021 13:09:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfDKWVYdYuPun-RoZXwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMPRO=1145;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMRUM3=e660c6037d2760&2d60c6037d05a0&2760c6037d0b40&2960c6037d05a0&c460c6037d05a0&f160c6037d05a0&5860c6037d05a0&bc60c6037d05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMST=YMYDfWDGA30A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 13:09:17 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 13 Jun 2021 13:09:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfDKWVYdYuPun-RoZXwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:16 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:16 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 1604 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 13 Jun 2021 13:09:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YMYDg; path=/; domain=.go.sonobi.com
/
ssc-cms.33across.com/ps/ Frame 9F00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP001
date
Sun, 13 Jun 2021 13:09:22 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2C7D 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_22=14911-7362372181454899982; PugT=1623589753; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=23353
expires
Sun, 13 Jun 2021 19:38:28 GMT
date
Sun, 13 Jun 2021 13:09:15 GMT
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 5E99
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6967112891132531767
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6967112891132531767
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=juWT2P0Bf%2FyXUuGTQmmJo0kMAysyXLaJDKabIy4dtp50Sd%2BizNWrhngCTiFJyQFnfFFRI9VlBcOZNeKAEid6Zj%2Fm0vKKM6RrrAik9skHL5YcSc04nkwMCujXt0crykIN0X1Kd9ZoEQPypk0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6acedf4d8a-FRA
content-length
43
cf-request-id
0aa716b6bb00004d8ab6354000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid
ad53ac7d-183d-4c2e-b70e-301435b76923
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6967112891132531767
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5E99
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8644186993141574270
43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8644186993141574270
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XUHI3WwUxavYBNrXIgrl00Y2UZLwSd2AGu2%2FH8Rx5y6Rv1aXl2g4nihjZm95nHKYRHvrq5Grw3oRsY0vRZtZS5YPr1FycaPAmJ4Qh2%2BCRkPLXir%2F%2Fdx%2FctFebVO%2FYwClqh%2BaP2fKAcquX%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6b0f554d8a-FRA
content-length
43
cf-request-id
0aa716b6e000004d8ac7009000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid
fb1bd742-6c25-4cd8-96e7-c18fc71dbc4e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8644186993141574270
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5E99
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6838199116162888659
43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6838199116162888659
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H29TaB56lQwUDk9Yk1d7wSCKCsX%2BUvfzipkzHAsfSH3XxHLlhOpSZu%2F3RbIrt0qfjUKgNqBOXp3EheCICdFHAOfLQwWcTikBPWPxilp%2Bcg4tReE1sEiJHi8qezD7j7U%2BUX3nn0XJPThtLjo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6b0f734d8a-FRA
content-length
43
cf-request-id
0aa716b6e700004d8aebaaf000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid
6a80e4a0-227b-4431-8b41-57282e764fdf
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6838199116162888659
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5E99
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DKhIaytE2uGe2t77ZMKljf.iZF2oN1RzH3hedz0-~A
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DKhIaytE2uGe2t77ZMKljf.iZF2oN1RzH3hedz0-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DW8akDSqB4FerGkTW9YEFV4l5DGkXOc%2Fpl75YIzgm3Z46hSSjXkqVVPNGpG%2FrNkTR9Zw%2FcRnAVNStIYBPYewGkgspq33NXBILw7isym2zoSUSzVwW9OUJFlW4AtKruFt60oSLelstrlXi%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d66ac084d8a-FRA
content-length
43
cf-request-id
0aa716b42700004d8abb938000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-DKhIaytE2uGe2t77ZMKljf.iZF2oN1RzH3hedz0-~A
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame 5E99 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5E99
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rlURPZK3CnhMcLAnp9SwMaVsJdDSIjua2RFUxoXe2ETzQ%2BR41tZiDVvq0QkiAwuqw5QQWOXqP4KssqAA0%2FSJeW53dTks1G5sq%2BuQmTAacMy94GMcHi9CvF9LgQtjEN6aLFgcnP87gBJ%2Bw5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d79a86e4d8a-FRA
content-length
43
cf-request-id
0aa716c00800004d8abeb0b000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 5E99
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BbtZfSogBQ%2FTbgpCsTtSv06GUqmFqvJ7MPS1RX2LhEH9kAZlKhM0fuZWYvGjg0ivyYtcP7f7cjXuPa3p%2B%2BO38WbPBCpyd4B5vGmccg4Gb4n6vHHoaC7ADiP2W2pgcjQEw9ndpOkMxrXiVWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d7d4a014d8a-FRA
content-length
43
cf-request-id
0aa716c24b00004d8a98920000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
um
sync.e-planning.net/ Frame 5E99 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 8529
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4141c61a7bfcc86f9b2be5dd5036ae6001d6a5cbc6cf2bbdd4a6bf89351a4026

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5167; CMID=YMYDfPltKRMeax2AtomlUQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|241|230|4|3|130|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1745
Expires
Sun, 13 Jun 2021 13:09:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfPltKRMeax2AtomlUQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMPRO=1124;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMRUM3=e660c6037d2760&4160c6037d05a0&2d60c6037d05a0&2760c6037d0b40&0360c6037d05a0&f160c6037d05a0&0460c6037d05a0&8260c6037da8c0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMST=YMYDfWDGA30A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 13:09:17 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 13 Jun 2021 13:09:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfPltKRMeax2AtomlUQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:16 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:16 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame E8D6 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 13 Jun 2021 13:09:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YMYDg; path=/; domain=.go.sonobi.com
/
ssc-cms.33across.com/ps/ Frame E9C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP005
date
Sun, 13 Jun 2021 13:09:22 GMT
/
onetag-sys.com/usync/ Frame 51D7 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame AFFD
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5mamFhBluf3UW3GIYPGmwoV0XY%2B2XvrGq3pjADojjMa3px1h%2BlnfGJVsvQ03MNZW46iv0K8IMkVtlsaPrFizQthDdDOpcNwG2r3fmBSiSYyWg7Htrc5QOtWZBnqImtdk5A%2BEH5uRviKlzNo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d79b8914d8a-FRA
content-length
43
cf-request-id
0aa716c01000004d8ab789e000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame AFFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3870844058052783842
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3870844058052783842
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1n9YGtmZ0dG8hYwpV3clxyPyFldfg9OGa0vFVOiIKJqq4qAaUM1RBKjGrqW%2F7pMY40MmNLFD%2BUeTd%2Bt6hyYG4BAYQqz%2FnlpW9EOzImFqDP7rAE05GXmdHNpC5CYvWOrHn1kuInMdpcnvKK0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6b48184d8a-FRA
content-length
43
cf-request-id
0aa716b71100004d8a8c8d0000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.44:80
AN-X-Request-Uuid
0e7ca76c-2ec0-4ac9-8596-576d45c49257
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3870844058052783842
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AFFD
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Tqsv3bxDTznQR75CzesEFjZ9Hc2s0LD%2F4KSmI648nYgGagsS8SgUH8sVzc35AJX3u96FntOKm%2FMgBQDta%2FUo5mNBznAvFBlfj5MC0wtlQMdiWnvU34bAM7t%2FZLvVg0g5CCS%2Fn1nC8K1NDBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d7e0bde4d8a-FRA
content-length
43
cf-request-id
0aa716c2c400004d8ab4380000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame AFFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6598729735887820033
43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6598729735887820033
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=S4f0xWfdl6G%2Bt5uy0WxJYBhjmTzXAPbq8KzKola14yTbiKAW3sOfs49PVOlGprUY%2BbUG5DqkiEJGu7otpsLRqNovp%2BO%2ByndRFY68oL5V5ipsXxwTT%2FB8jpMgFQoWJsQDcZCxpC9OsekWSkg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6b58344d8a-FRA
content-length
43
cf-request-id
0aa716b71600004d8ac2205000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.45:80
AN-X-Request-Uuid
447017d8-e3b6-47d7-9faa-f6a88c357299
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=6598729735887820033
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AFFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1082203800404637719
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1082203800404637719
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2wS81lXg5FQ92sBQNYjypIjSFWuQ1T4i0OSUJkM8uSFBQGG15MAJl%2Fn5RDKHYti2e8Oe%2BDwHiQQVhF6wuoxDIKcCyyIJEPCfr30X6yelNfOkie7OE0R2urZK6h4bwS2U1vX3Q1HhNCbrvPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6ba9154d8a-FRA
content-length
43
cf-request-id
0aa716b74900004d8a5f1b8000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.132:80
AN-X-Request-Uuid
51383dad-169e-4da7-aff7-468366344d9f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1082203800404637719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AFFD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-t4r1hI1E2uHv.dhMrxUQ9WRVC32PzSM8n2G2x8Y-~A
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-t4r1hI1E2uHv.dhMrxUQ9WRVC32PzSM8n2G2x8Y-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1oLRMbn36ZGvfMo0y1mNm4KwQmjSl%2FLxXMe%2B8wonCM%2FDBy4xu4OkqTIR8bvdEkY207pElxsnCxwulRt21b97R0Kc7FniaKOMG82bYtiaaKEG3KBiPRxGMELCy%2Ff%2FqU%2BHd87JCong18m0uN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d665b1f4d8a-FRA
content-length
43
cf-request-id
0aa716b3f600004d8adc2bc000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-t4r1hI1E2uHv.dhMrxUQ9WRVC32PzSM8n2G2x8Y-~A
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame AFFD 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame AFFD 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=fcac5174-73e9-49f7-af0e-c9a69c55ec45
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 7E0E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f615cbbd07fc0f608cbf89766024e7ee284c9d87710137573e30b6d61a02695

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5167; CMID=YMYDfTS4R5xfhUKQnfN1.AAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|65|188|47|218
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1787
Expires
Sun, 13 Jun 2021 13:09:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfTS4R5xfhUKQnfN1.AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMPRO=1213;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMST=YMYDfWDGA30A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 13:09:17 GMT CMRUM3=bc60c6037d05a00&2f60c6037d05a0&f160c6037d05a0&da60c6037d2760&2760c6037d0b40&2d60c6037d05a0&4160c6037d05a0&e660c6037d2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 13 Jun 2021 13:09:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfTS4R5xfhUKQnfN1.AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT
/
onetag-sys.com/usync/ Frame 8ED3 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 6F1F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP003
date
Sun, 13 Jun 2021 13:09:22 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame FFF8 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 13 Jun 2021 13:09:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YMYDg; path=/; domain=.go.sonobi.com
setuid
sync.quantumdex.io/ Frame A875
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xO5Py4%2BfMKhF03S0CPM5D5md3m23FGgUh0lOUCmNGhNIs%2BuwCM5ElI6VpwaAHl1lMk69nvkgfbCxj6OC9YQmawojJZkFBg1SG9sfZiB98WWlRaZa5qQ1dMsTddnvp%2FKjq4gCFgpyOQny7e0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d7ece054d8a-FRA
content-length
43
cf-request-id
0aa716c33d00004d8ab5b3e000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=d154c0ce7a7c64ec0ada206bf3dfc72076aead97
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame A875
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533308008613450893
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533308008613450893
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3qeRNMW%2BZiOahledeYS%2FFTf69r4wJXUtTiGSGWcT%2B%2FMokb4Bw60EHf7rfr%2FSwVXjFnsbZG0n8C3CxbSjjBYTpztydLpkMawerQxunhnoLbN1dL9BZlvEocFjfeMl8eXMuE%2F99GhSPfeugis%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d680fe24d8a-FRA
content-length
43
cf-request-id
0aa716b50400004d8aa30c9000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid
c400793c-1cc5-4719-ac6a-e0e5b442dcec
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=533308008613450893
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A875
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=533308008613450893
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=533308008613450893
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z8MBqepg4KNeOkBmIfUrIjXjjZS6U3WfS9OMG94QR%2FqIp%2B9bBqCMWg3tjBIM6QzCUVfwbhWRKqvrgackAld%2BuLu97D9iZi4GZbQc%2BqNtTEtl4IwhYBo5%2FUNIyINPqHAGPXULt8jZmRwRaVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6848a54d8a-FRA
content-length
43
cf-request-id
0aa716b53100004d8ae8812000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid
44ade509-6393-40d2-87ad-04b304f3f6b9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=533308008613450893
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A875
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533308008613450893
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533308008613450893
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R259xfRoqZc9qXf9sOgFtdwznKjCiQo9Brn4typktiin%2F2N3TEBt1q3QPD1%2ByPv6QsY9B2xGCG6bXTGz79MAux1uM0%2BKBx2R10HqL0l11KBVC02tLgMcd%2FES94kkk8ll6koa2n0jIJ5Od4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6858b74d8a-FRA
content-length
43
cf-request-id
0aa716b53600004d8accbf5000000001

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:16 GMT
X-Proxy-Origin
194.110.114.132; 194.110.114.132; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.123:80
AN-X-Request-Uuid
9c56b1e0-ae06-418c-8bbd-42d1fb66c24a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=533308008613450893
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A875
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-39829b1c-3e1d-4af0-8f44-7c7d2335bced
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-39829b1c-3e1d-4af0-8f44-7c7d2335bced
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Hp3R3Vvp9ykD0L8IyjNkIQuJD6QZv0nOcKtkz5sx3sfLcQrv2yObX98ohggfO8ZuY9F2QE2P%2BQo7eZXq6bFo9ST0E6%2BaorLXjAwoF1%2Fc3U%2BRFSjNdO%2FABCtHij257PjGkG2nC6RzPp62x8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d68386f4d8a-FRA
content-length
43
cf-request-id
0aa716b52200004d8ad1aa4000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-39829b1c-3e1d-4af0-8f44-7c7d2335bced
date
Sun, 13 Jun 2021 13:09:16 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame A875
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Ci6NugVE2uGSWuC3tcMJIwaX7nsvtR1HGTW7nmo-~A
43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Ci6NugVE2uGSWuC3tcMJIwaX7nsvtR1HGTW7nmo-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TJ7HlIRhu2Kdw6%2FB74BY2Lnnw8BAsBVVaY%2Bx9%2F%2FtzV77U8ERRvkSYsvFjY47iskzNN82xGm3%2BEE93YXmaJy6v9pbt%2BoPeoGoC27G92WUuQw%2BiCdGzacI2ZKi7DgChtlbzXop9fgJ2MsnEsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d667b8e4d8a-FRA
content-length
43
cf-request-id
0aa716b40c00004d8aba875000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Ci6NugVE2uGSWuC3tcMJIwaX7nsvtR1HGTW7nmo-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame A875
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=a2035afa4a3d74d9c3b0cf47
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=a2035afa4a3d74d9c3b0cf47
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NAlOLhU64Kh3GSJvtjsp5G3AGgDNthdEsjTzhz1fwkvYdOUsqL6W8fU8OsIjFj2UxrTOW%2BOdwMIEceAsfJjIlsnOYi1CfG9Ny4HXhYMchu0sFwPUtRGrWd2ra6PfcGo5364Ob%2FRZmQotewo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d6f0b404d8a-FRA
content-length
43
cf-request-id
0aa716b96800004d8aad167000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=a2035afa4a3d74d9c3b0cf47
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame A875
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8e54417d-cc48-11eb-8701-0640cfc6fe14
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e54417d-cc48-11eb-8701-0640cfc6fe14
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e54417d-cc48-11eb-8701-0640cfc6fe14
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iUDFm%2B0NUl3huNUBKy82XxokSkh%2FlENwt1PKZcQEbdROThXc8sEp4nMnCpO9T9kxO2d0mHgg2ASO8HFSrQD0fnZ7NNfxd3s4KRnbNkNmyc8InG98Aop8wF5zMHQECJo5msHV%2FGmkI2Ij0no%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d696b674d8a-FRA
content-length
43
cf-request-id
0aa716b5e200004d8ac49d5000000001

Redirect headers

Date
Sun, 13 Jun 2021 13:09:16 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP8e54417d-cc48-11eb-8701-0640cfc6fe14
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame A875 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame A875
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dce9753f-898e-4c15-9967-e478d4de08d0
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dce9753f-898e-4c15-9967-e478d4de08d0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tQgiirR557%2FoVmsOhc4iKzDW4NjZ%2F3VmTy2tBBFBo26I%2Bx2mVlapqvTTURUShJYApt6oadKBoYSO3guDrY8AniXU09ZFDSz1Gd4VtA8VZzBQF4l6lM65RUDfEQzfeAVnNFvaL4%2FNX3EFsXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d65e9f64d8a-FRA
content-length
43
cf-request-id
0aa716b3af00004d8a98b91000000001

Redirect headers

date
Sun, 13 Jun 2021 13:09:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7xzDH3zEkKHFk5D8U4Vwgf%2FIx9tDTLhMe51IwITx6X4R5EI8eF0dybzmNWqQ139fLLcVWP6v%2FdTO%2Bu2FjNAI7bBFdTpm%2BVXrl4OYsscu%2BeErNcttKVFnEEVFnrlyEasCPT%2BiFmmgfZRR"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dce9753f-898e-4c15-9967-e478d4de08d0
cf-ray
65eb8d647e414d8a-FRA
content-length
0
cf-request-id
0aa716b2cd00004d8a8c863000000001
setuid
sync.quantumdex.io/ Frame A875
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zKgT6A%2BKbM9mAHmMuWEit%2FbK55cL%2F63esdNIMFmjDCt%2F2kgZBqj3t8PbZGNkFsvhSkTITdnAFjGLY7Q6VotN9ORNFuJOt9CZElPf1VfDHM0in3Eu4J0jkwpJQl%2FoeJ67Xc91m3ypvpi9JQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d79a8704d8a-FRA
content-length
43
cf-request-id
0aa716c00800004d8ab180c000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=f540c0f5-0112-51a4-9860-bcddf8a6bfa3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
onetag-sys.com/usync/ Frame 0C24 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame AA00
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2b0f7a5a11316e21693c7c6bbf03928c7055329ebe0dda64643faf2a4bac38ea

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5167; CMID=YMYDfSi.U38KD9D7Nbc0OgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|241|230|188|41|65|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1650
Expires
Sun, 13 Jun 2021 13:09:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfSi.U38KD9D7Nbc0OgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMPRO=1207;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT CMRUM3=2960c6037d05a0&f160c6037d05a0&bc60c6037d05a00&8260c6037da8c0&4160c6037d05a0&e660c6037d2760&2d60c6037d05a0&2760c6037d0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMST=YMYDfWDGA30A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 14 Jun 2021 13:09:17 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 13 Jun 2021 13:09:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Connection
keep-alive
Set-Cookie
CMID=YMYDfSi.U38KD9D7Nbc0OgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 13 Jun 2022 13:09:17 GMT CMPS=5167;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Sep 2021 13:09:17 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 9A61 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 13 Jun 2021 13:09:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YMYDg; path=/; domain=.go.sonobi.com
/
ssc-cms.33across.com/ps/ Frame 529E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP004
date
Sun, 13 Jun 2021 13:09:22 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 665F 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_22=14911-7362372181454899982; PugT=1623589753; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=23353
expires
Sun, 13 Jun 2021 19:38:28 GMT
date
Sun, 13 Jun 2021 13:09:15 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0262 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_22=14911-7362372181454899982; PugT=1623589753; PUBMDCID=3; SPugT=1623589755
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=45638
expires
Mon, 14 Jun 2021 01:49:53 GMT
date
Sun, 13 Jun 2021 13:09:15 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 01B3 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_22=14911-7362372181454899982; PugT=1623589753; PUBMDCID=3; SPugT=1623589755
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=45638
expires
Mon, 14 Jun 2021 01:49:53 GMT
date
Sun, 13 Jun 2021 13:09:15 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 51E5 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_22=14911-7362372181454899982; PugT=1623589753; PUBMDCID=3; SPugT=1623589755
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=45638
expires
Mon, 14 Jun 2021 01:49:53 GMT
date
Sun, 13 Jun 2021 13:09:15 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 04FB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_22=14911-7362372181454899982; PUBMDCID=3; SPugT=1623589755; KRTBCOOKIE_594=17105-RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003&KRTB&17107-RX-c9dda522-d3cb-4b65-b52e-834bfa592b07-003; PugT=1623589754
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=45638
expires
Mon, 14 Jun 2021 01:49:53 GMT
date
Sun, 13 Jun 2021 13:09:15 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 0262 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83724650&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:15 GMT
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 72D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfFLsWAKiTepFLQBxjwAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:17 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 72D0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxjwAABIkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxjwAABIkAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxjwAABIkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxjwAABIkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 72D0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YMYDfFLsWAKiTepFLQBxjwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 72D0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfFLsWAKiTepFLQBxjwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:17 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 72D0
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=065822040053d5a688a871ed&expiration=[EXPIRATION]&gdpr=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=065822040053d5a688a871ed&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:17 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=065822040053d5a688a871ed&expiration=[EXPIRATION]&gdpr=1
Date
Sun, 13 Jun 2021 13:09:17 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
tum
ums.acuityplatform.com/ Frame 72D0 		0
0
crum
dsum-sec.casalemedia.com/ Frame 72D0
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ab27a708-1aa3-4acc-8cf9-5f55412989df
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ab27a708-1aa3-4acc-8cf9-5f55412989df
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ab27a708-1aa3-4acc-8cf9-5f55412989df
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 72D0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FrGrVYvh1LSpRz5&gdpr=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FrGrVYvh1LSpRz5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:17 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-00d497958362b52d3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FrGrVYvh1LSpRz5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 72D0 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMYDfFLsWAKiTepFLQBxjwAABIkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5rWyFNYALdjQQp90qhW7wUiGMnnN4zLaSgoYfMsmrQ0gzT%2BZerLv9D8e7KEMysjLfiMX4OtePysFLrzuMZaOY3R7LXmdOcXOA42rnTTSw9%2F3nqlaqoR8qP7%2FNODITTAocMHJhIfpZkH5mk4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d708fa54d8a-FRA
content-length
43
cf-request-id
0aa716ba5b00004d8ab42d4000000001
usermatchredir
ssum-sec.casalemedia.com/ Frame 22BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfFLsWAKiTepFLQBxlgAABJgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 22BD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxlgAABJgAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxlgAABJgAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxlgAABJgAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfFLsWAKiTepFLQBxlgAABJgAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 22BD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMYDfFLsWAKiTepFLQBxlgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 22BD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfFLsWAKiTepFLQBxlgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:17 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=YMYDfFLsWAKiTepFLQBxlgAA%261176
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 22BD
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMYDfFLsWAKiTepFLQBxlgAA%261176?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMYDfFLsWAKiTepFLQBxlgAA%261176?gdpr_consent=&us_privacy=&gdpr=1
49 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMYDfFLsWAKiTepFLQBxlgAA%261176?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.36
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMYDfFLsWAKiTepFLQBxlgAA%261176?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.7.118
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 22BD
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5db52ed2-624c-42a1-8516-ffa9dfec2753
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5db52ed2-624c-42a1-8516-ffa9dfec2753
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5db52ed2-624c-42a1-8516-ffa9dfec2753
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 22BD
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06582204006ba7e0f5906f46&expiration=[EXPIRATION]&gdpr=1
43 B
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06582204006ba7e0f5906f46&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:17 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06582204006ba7e0f5906f46&expiration=[EXPIRATION]&gdpr=1
Date
Sun, 13 Jun 2021 13:09:17 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
getuid
ib.adnxs.com/ Frame 22BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
sync.quantumdex.io/ Frame 22BD 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMYDfFLsWAKiTepFLQBxlgAABJgAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UygmWafCM%2FxVf8VbcKq439swFXo6xC5s7DfohpSOn%2BMu2QX0cSuJCTEi4Xzfk3RfSfBvp4Spzl4JTDjuMX3aZ2W%2BSZc6lxR8qtnHiI468ibOaDBGR3NqOzUT4xDKA68LkA1LRyTeGHSVP6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d70f92f4d8a-FRA
content-length
43
cf-request-id
0aa716ba9800004d8a8e167000000001
usermatchredir
ssum-sec.casalemedia.com/ Frame 5F49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5F49
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5F49 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YMYDfHPqOiYwYblFm1JKBQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 5F49
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfHPqOiYwYblFm1JKBQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:17 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5F49 		43 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 5F49 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
getuid
ib.adnxs.com/ Frame 5F49 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
noop
px.owneriq.net/ Frame 5F49
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6768761591388479852&uid=Q6768761591388479852&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 13 Jun 2021 13:09:20 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 13 Jun 2021 13:09:20 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 5F49 		43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMYDfHPqOiYwYblFm1JKBQAABIIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ycRLLqfNk63Q4RLxTGSVTPuhj5CbCT7GplzK%2Fmi8pOYS5i%2FtTRpMpcqBZn1IGbjs0bN0OvR0zmrBt1nGZBi%2Fs2zQgPljB%2FFE2qY3pv%2BOGnw2XObT0DWLy3HOtYZ%2FUypyh8jJm27i78Oo9ZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d7149fe4d8a-FRA
content-length
43
cf-request-id
0aa716bad100004d8acc084000000001
dcm
s.amazon-adsystem.com/ Frame E7A6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfCgCVyYpZwlPHzN22gAABKwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfCgCVyYpZwlPHzN22gAABKwAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfCgCVyYpZwlPHzN22gAABKwAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfCgCVyYpZwlPHzN22gAABKwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E7A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfCgCVyYpZwlPHzN22gAABKwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E7A6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfCgCVyYpZwlPHzN22gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E7A6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMYDfCgCVyYpZwlPHzN22gAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame E7A6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626181757
43 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626181757
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:17 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1626181757
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame E7A6
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=94f99cf3-52aa-4387-9420-fedba1d0b543
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=94f99cf3-52aa-4387-9420-fedba1d0b543
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=94f99cf3-52aa-4387-9420-fedba1d0b543
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E7A6
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020803220300
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020803220300
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871316020803220300
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
noop
px.owneriq.net/ Frame E7A6
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6768761601662193721&uid=Q6768761601662193721&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 13 Jun 2021 13:09:20 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 13 Jun 2021 13:09:20 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame E7A6 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMYDfCgCVyYpZwlPHzN22gAABKwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2vaoyrukZMaUdsz5%2BNIcPsfYwjYjiszne69q%2F4VCSciL1YouzWym4t4ulRCm2%2FOZDsMjJPgdcng3%2Fa9rWb5wBe4L0WVgY05Km%2BdUcA3tMm9QDDsVEWxbTlUH3IGEMbM%2B7QEZg41KhqPB%2Ft0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d71bb004d8a-FRA
content-length
43
cf-request-id
0aa716bb0f00004d8ab1b7a000000001
usermatchredir
ssum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfDKWVYdYuPun_RoZXwAABHkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6B4F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfDKWVYdYuPun_RoZXwAABHkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfDKWVYdYuPun_RoZXwAABHkAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfDKWVYdYuPun_RoZXwAABHkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfDKWVYdYuPun_RoZXwAABHkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6B4F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMYDfDKWVYdYuPun-RoZXwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfDKWVYdYuPun-RoZXwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6B4F
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

date
Sun, 13 Jun 2021 13:09:18 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 6B4F 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1623589758.797872,VS0,VE89
x-served-by
cache-hhn4074-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
CookieIndex
rtb.adentifi.com/ Frame 6B4F 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.236.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
bridge
cm.adgrx.com/ Frame 6B4F 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
setuid
sync.quantumdex.io/ Frame 6B4F 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMYDfDKWVYdYuPun_RoZXwAABHkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AXU%2BzvYYBFCR9gIr3axdUobqPFkICNwJwx%2BVkT1WO%2BFo0dmlAcssNb0FkJSjSuzz9dVdTYvA2HhWkPrBgNpFGmQN%2BumOI6yrfrk7jC4xeWDzaSJSH7LutD3VU7NclnfJW9B5WFXqz8CNjdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d721c624d8a-FRA
content-length
43
cf-request-id
0aa716bb5200004d8aa8380000000001
crum
dsum-sec.casalemedia.com/ Frame 8529
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfPltKRMeax2AtomlUQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8529 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMYDfPltKRMeax2AtomlUQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 8529
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfPltKRMeax2AtomlUQAABGQAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfPltKRMeax2AtomlUQAABGQAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfPltKRMeax2AtomlUQAABGQAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfPltKRMeax2AtomlUQAABGQAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8529
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfPltKRMeax2AtomlUQAABGQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8529
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7362372181454899982
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7362372181454899982
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7362372181454899982
pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 8529
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a4c860c6-037d-4900-b8b5-4f462d8d7d6d&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a4c860c6-037d-4900-b8b5-4f462d8d7d6d&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

Date
Sun, 13 Jun 2021 13:11:11 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a4c860c6-037d-4900-b8b5-4f462d8d7d6d&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Jun 2021 13:11:10 GMT
crum
dsum-sec.casalemedia.com/ Frame 8529
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACzoU7BjAcAADKa3BX-Xg&expiration=1624799357&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACzoU7BjAcAADKa3BX-Xg&expiration=1624799357&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACzoU7BjAcAADKa3BX-Xg&expiration=1624799357&gdpr=1
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum.casalemedia.com/ Frame 8529
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame 8529 		43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMYDfPltKRMeax2AtomlUQAABGQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:17 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ziU9fZ%2FwCGYFmElEpLwwMwrb4xM7xVrDiSvdwWDAv6uzcFcQN8RCAkIsRzvVM0fiWwVb6aQoJiyIAKmi0QdWJAZHhPK%2FnohhW8xuSfhhAgd%2BNZprKqhQWBKQzDQyzLDYDk3oPu6DMlbJiBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d728d784d8a-FRA
content-length
43
cf-request-id
0aa716bb9400004d8a9d86c000000001
usermatchredir
ssum-sec.casalemedia.com/ Frame 7E0E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfTS4R5xfhUKQnfN1-AAABL0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7E0E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfTS4R5xfhUKQnfN1-AAABL0AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfTS4R5xfhUKQnfN1-AAABL0AAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfTS4R5xfhUKQnfN1-AAABL0AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfTS4R5xfhUKQnfN1-AAABL0AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7E0E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YMYDfTS4R5xfhUKQnfN1.AAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7E0E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfTS4R5xfhUKQnfN1.AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 7E0E
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
CookieIndex
rtb.adentifi.com/ Frame 7E0E 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.236.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
crum
dsum-sec.casalemedia.com/ Frame 7E0E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FrGrVYvh1LSpRz5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FrGrVYvh1LSpRz5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-09aa64c92a07a6de3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=FrGrVYvh1LSpRz5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=YMYDfTS4R5xfhUKQnfN1.AAA%261213
dpm.demdex.net/ Frame 7E0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YMYDfTS4R5xfhUKQnfN1.AAA%261213?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.79.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
sync.quantumdex.io/ Frame 7E0E 		43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMYDfTS4R5xfhUKQnfN1-AAABL0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:18 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=l8ilj4V1H2EpzLE6NKbU6oxk9ckhsUrkR%2FOFByJO5TQEPyL6z0IGUXsLaf6nolvc7KFsdBsaeuJc70dVVnjseaDFEUPGSrsc7I38KwbQMSL7VafPxPFeJBArcvBmsGm2V1%2FJmcO%2FRCYbGXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d72ee894d8a-FRA
content-length
43
cf-request-id
0aa716bbd000004d8ac70ae000000001
crum
dsum-sec.casalemedia.com/ Frame AA00
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMYDfSi.U38KD9D7Nbc0OgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECHzcZSF-8HT0HL1gg6GZ0E&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame AA00 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YMYDfSi.U38KD9D7Nbc0OgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame AA00
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfSi-U38KD9D7Nbc0OgAABLcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfSi-U38KD9D7Nbc0OgAABLcAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfSi-U38KD9D7Nbc0OgAABLcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMYDfSi-U38KD9D7Nbc0OgAABLcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame AA00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMYDfSi-U38KD9D7Nbc0OgAABLcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG3Af4-hPijrUASkz0_n_bI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame AA00 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.236.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
bridge
cm.adgrx.com/ Frame AA00 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:17 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum.casalemedia.com/ Frame AA00
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623676157&gdpr=1
pragma
no-cache
date
Sun, 13 Jun 2021 13:09:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame AA00
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACzoU7BjAcAADKa3BX-Xg&expiration=1624799357&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACzoU7BjAcAADKa3BX-Xg&expiration=1624799357&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Jun 2021 13:09:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Jun 2021 13:09:18 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACzoU7BjAcAADKa3BX-Xg&expiration=1624799357&gdpr=1
Date
Sun, 13 Jun 2021 13:09:17 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
setuid
sync.quantumdex.io/ Frame AA00 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMYDfSi-U38KD9D7Nbc0OgAABLcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:09:18 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=420fDXAfCURX4qMw%2B9xCcuHuRiSCuFWU%2BlR5PVwJSv6c92XuDPJP%2F5oWNyM51flLfflrbeYTVpLQOG13d%2BMxfZodtosiDnz%2FoZfNm6WM%2B%2B78nZmF4xIxewHP%2Fig0CbyTSN6WA6FfDZD7NbA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65eb8d734f594d8a-FRA
content-length
43
cf-request-id
0aa716bc1100004d8ace907000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=8

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer function| $ function| jQuery object| addDictionary function| getRandomNumber function| showInPopup function| showInNewTab function| showBlog object| vitag function| s function| j8MM function| M1gg function| q8MM string| F3UU object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _VLIOBJ object| adtrue_tags object| app_vars object| e object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword number| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object undefined| selectedTab undefined| clipboard function| setTooltip function| cookie_accept function| WOW function| ClipboardJS object| gaplugins object| gaGlobal object| gaData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| generateCb number| adtrue_time number| adtrue_cb object| adtrue_rtb object| q object| qs string| js_code string| k string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS object| observeElementInViewport object| googletag object| ggeac object| google_js_reporting_queue object| recaptcha object| closure_lm_376133 function| vlPlayer object| $sf object| regeneratorRuntime function| __tcfapiui object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| vlipbChunk object| vlipb object| _pbjsGlobals string| nobidVersion object| nobid object| Criteo function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| q9tt function| J911 function| n3hh function| P9tt function| c2ss boolean| _mgPageViewEndPoint629011 string| _mgPvid boolean| _mgPageView629011 object| criteo_pubtag object| criteo_pubtag_prebid_109 object| Criteo_prebid_109 boolean| _mgPageImp

11 Cookies

Domain/Path Name / Value
shrinke.me/ Name: _pubcid
Value: df4c4083-5ea4-475a-9b26-2ea241c5a43a
shrinke.me/ Name: sf_ck_tst
Value: test
.shrinke.me/ Name: _gat_gtag_UA_137383949_1
Value: 1
.shrinke.me/ Name: _gid
Value: GA1.2.846041304.1623589751
shrinke.me/ Name: __vliIPL
Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1623596950968}
.shrinke.me/ Name: _ga
Value: GA1.2.69332980.1623589751
shrinke.me/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
shrinke.me/ Name: ab
Value: 2
shrinke.me/ Name: AppSession
Value: 5ce1a5f6089d072430b5b3b53b05a388
shrinke.me/ Name: csrfToken
Value: 6264a57c8cfb169948a2a4f99e78183ee187dbc02af2b33a4220f7d42b3ebede02d9834e125bb28fc3bdbe7c3a4e7102112ec375db954d1f5eeb4289457ca8c6
shrinke.me/ Name: lang
Value: en_US

7 Console Messages

Source Level URL
Text
console-api error URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://tag.vlitag.com/v1/1623493598/b696d0f5c06dbd9fd83feb568718537b.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api debug URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.adskeeper.com/s/h/shrinke.me.1062925.js(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js(Line 1)
Message:
[object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
assets.vlitag.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c.adskeeper.com
c1.adform.net
casale-match.dotomi.com
cdn-adtrue.com
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.jsdelivr.net
cdn.run-syndicate.com
cm.adgrx.com
cm.adskeeper.com
cm.g.doubleclick.net
coccusadmanlob.com
code.jquery.com
cs.admanmedia.com
csync.loopme.me
d1r90st78epsag.cloudfront.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
exchange.adtrue.com
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
i.imgur.com
ib.adnxs-simple.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
jsc.adskeeper.com
leaderhistliness.info
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
media.vlitag.com
ms.quantumdex.io
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
praiserevision.com
prebid-asia.creativecdn.com
prebid-eu.creativecdn.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.owneriq.net
r5---sn-4g5e6ney.googlevideo.com
redirector.googlevideo.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
s-img.adskeeper.com
s.amazon-adsystem.com
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.adskeeper.com
services.vlitag.com
shrinke.me
shrinkme.io
simage2.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.vlitag.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.targeting.unrulymedia.com
tag.vlitag.com
trc.taboola.com
u-ams02.e-planning.net
ufo.approximity.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
useast.quantumdex.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
ums.acuityplatform.com
103.132.192.30
104.111.242.53
104.18.16.65
104.19.133.80
13.248.242.197
13.32.11.177
135.125.8.70
136.144.59.88
146.59.148.16
146.59.211.253
151.101.112.193
151.101.114.49
151.101.13.108
151.101.13.44
162.55.6.212
169.50.137.190
172.217.16.130
172.217.23.98
173.231.180.197
178.162.133.149
178.250.2.131
178.250.2.146
178.250.2.151
178.62.202.251
185.183.112.148
185.184.8.65
185.29.135.226
185.33.221.90
185.33.221.91
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.86.139.114
188.165.137.78
192.243.59.12
193.0.160.129
198.148.27.139
199.232.137.44
2.18.233.180
2.18.234.21
2001:4de0:ac18::1:a:1b
2001:678:cb4:bbbb::11
213.155.156.166
213.19.147.45
216.52.2.48
2606:4700:10::6816:3181
2606:4700:10::ac43:db6
2606:4700:20::681a:24e
2606:4700:20::681a:fee
2606:4700:20::ac43:4597
2606:4700:20::ac43:4a81
2606:4700:3032::ac43:d1fe
2606:4700:3035::6815:5a17
2606:4700:3038::6815:eb9b
2606:4700::6810:5514
2606:4700::6812:c05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1450:4001:4e::b
2a00:1450:4001:800::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9c
2a00:7c80:0:121::2
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:12::1400
2a02:fa8:8806:16::1370
3.124.46.162
3.126.56.137
3.126.63.176
34.196.151.230
34.231.105.138
34.249.79.128
34.98.107.212
37.157.6.241
37.252.172.37
46.249.52.248
46.249.52.249
51.68.39.188
51.75.146.199
51.89.9.254
52.18.52.16
52.34.145.6
52.4.236.19
52.48.248.240
52.49.238.187
52.57.110.162
52.94.232.32
54.236.220.178
66.155.71.149
67.202.110.23
8.241.88.249
85.114.159.118
88.212.252.2
88.214.206.142
040cedf98dba5d0ea24b8fe66805e8e18d7dcd01cdb7dd4cd1214e0f299e64bc
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0631a1785f145481d16c72c11293141e79f9bcf92125fc4fbf1e7717ae196ccc
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c87e0553c098d14c57a8b55daeb3a8dd509c0d6268d8a32403692b016b2c865
0ec8027fbfea2b58f8146ce4ceb925d190253b80c7595b130fb598bb4c2540dd
111f1b12a92609af7eb2019b4c0e41b44c8f4970cc13341ed286f85ceb88df6a
12a0241564451caa4b0a2500a7bcaa051fa8cd696faed6093a59eefa9e9a0885
12afca00f5c63f6ef092db7eca25a64664936fcc4034cb5c05cc17bbd89badd8
16259a472f7ff62b8857a746f6a39ba182e068c7e1f91cf7a26d704c142cfac6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188f0840c96ccad75b8b74a4ba4e4acbd6008dbb5cc0f36c96758afd983510fa
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ba75869b8dc9e93dfb6bb58428301a77e3d5174716750d78e8dcd24658d4ef6
20c318491dca573f4952082278caf477278ec15f9d78dc809dd997ddb35676b2
246c041789ce91e94d2d15f5630ba5ac451de3135d4c697a2300822c55d9e105
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
268d81a69a9e1910b84cf74017fba73517adac9e466f83ba8f264da82e07e74d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2af2c7c420a87f4f4d31e5b3a4e2dfcb358de06ece39345c26cd37b5589a7d6b
2b0f7a5a11316e21693c7c6bbf03928c7055329ebe0dda64643faf2a4bac38ea
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31d53985fe4ea7792c06c1d3592a25791458dfca6dcb968dced93d1974fce366
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
35f93a240c32f230250b0967e7f29e15f94f5619d22f8e28a375f842dfa88cd1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3bdb191fa1e8fca9543b7fdc62a4d35a7fc5b47d1b2293a7b84649b02c991219
3c1354d5633ec4c0a6ad1a6b2327e9cb164dd20e598209ec9323ca38d7f5c64a
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed8695023a9a07ee375faa6fdc15dc9b23f7bfc58c1500ec2057e96dae9cc8c
3f5715468e1e8f067de4d985b751113df5baa042b25faaa77307d1f4c3a93bc7
4141c61a7bfcc86f9b2be5dd5036ae6001d6a5cbc6cf2bbdd4a6bf89351a4026
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
46596ae92cd8518bb0734c3a6c50cc6fcd63bcc6f4dcdd8e7cfff14e50d0fbf2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498fd27eb6dc4514f79d6a0e0f8ac0a2743600d36313d087a0af349b9c918c1b
49d137c2a2281481575b296e354511d2552acb7d7671539d1a3298242282b31b
4d2d26753a8677d6b64a5e46fa42767f81a35f669887d44ca671fe7b7cdfff89
4d3d302a1fec1f4ad1aa4de6e1589d52fd07c5a64997de0fc4e3ab51eb19fd41
4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104
4efc7d252da8041b4978983ee9ba9cd5d1bf8b45fe8fb2eec7b0b064aba20841
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
514ea21b6bb4184375ed0fb7c1694c4778f4f9da5dd7d8982cd8fba5fd5b4d0e
516fd3487ab903e6af741952f98741183332fe46abd277b62d2c4a325a6f9460
58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa
5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
66c5ec714c512c7a6b038803f0fbd931dda467bc586d189cb5fc3ccb72368268
6a82f4875f43c7cc283cce6ce5188833b378a26e8bf9bd49f6da9b1f426004ca
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be018cf63d68429cc6f5c49caa24448469db98e412beba3bc99ac033ced43da
6c94dbfd84911ed021254d18c55e03e6142cdf205814499d9a0674b656a4a551
724878ff76f003337340034f0707462d12869a0ff750342571891298d512d9a0
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7d0aef5b04d4c602aefe4601a06d7cc064dd3106be3865ba0a3f656bf5eb0add
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8bb667645ce9bc84123620123664bb9bcfe9cdeb7564f40e6ee184efc7754c93
8beab69b558aa31e939ed978637e6fa710cf6c36eabd46c75f82df8069e75d75
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
9013894cebb6d6424c808ad8e88a34564d2c2780b776cbf1ff77a50888250255
94a5a2a41ecbe0eed8946bfafc8f335dc6f4f09190e8de0cd669a80e4ff02f4e
95078b6de3f7ca7cf8dd9bde1c649b2be639e7b855270d250258df15f50460c0
95fa728ab221d1faa6dcfeb2ad412333fe11f33436622dd4e5ca831775aa229f
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
9f615cbbd07fc0f608cbf89766024e7ee284c9d87710137573e30b6d61a02695
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a897e548e58fd9f727254a0c1182ccc985544285fb5962d3b88560e70642eed8
a961b697abe9acd4ee5a907649a05a0b546626f3a77afb135e5b9d98d276029c
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
a9d5e562f67ce6a69e1f874a2e8ca3efbca2f58d89a0cab3d3e7d45e571cdf41
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac6de5b959dd6bf0b026990f50798d9e4e68726714f3675b735d9d0649aa1457
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
aed6f53bbe2887a04797000ea4fb50051fd5d302ef46a27c369bce51f7f4a159
afc64d8345a0c5e5fe8f866056f6e594bae4a885ef8bc44a37de95dd9eaae157
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b
b4b13b091264448af149e519f01f3838360a69f04c20e42583b0a942ca912d4b
b5800211d31fda967ffe6fb98fd6ff6b22f758c0f4408e95a7e430dbe3267790
b6c3c0258f6a952287f3afe1eee1782462b45c008b19223061bfe2498a73bebb
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bfaa23f62706dfcc9f5d650e2cde6095864dc39e99fbd57ead1ab2b94b8a1560
c1b65da7e1759e98a2f61c7c52b78089e03473fbfa1fe85e8891e3255cbbf9f5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2d502e54f341e2d36893401d88cd06d9141c96fcd6a3ae4dea01bf79d537295
d54332bf39cbf376b7b97251f61152aa4501bfec2953f96baafe00a3b7439ef9
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02d1f005e0dada487e4e813b64c1120200183f8426ab4ef52c8851287c45815
e24b3332c2adb5775df6919582ca4ffe24c14d7fff5c1e51c36aca1b610b9909
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4accc76409500e73c35d8af157749fd0fb75280bf7907b2dfd146b223407996
e7d7473f140f0f0e036996fe842839c09a57b9da106a1fb7aaf7611bb8cc079d
e88129a05b73c583de044e595c687fc4b06733d0edf61ea0fbc928b0aacc5ae4
e8f05752862160fa1888c91060a324c84870cd4bca2acee125713d11147fde5d
ea1dba5fef87a79efcb0737a9672ed8344cb70b47e86d9c469dd26143df42906
ecbbfcd03dfa1f6826b68e63ba9287b8e6d79590eea05e115543a6694a98329b
ecebd072da484574bae3ad8fbd2dda03529d4e5716486df4fdde5820cab09931
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f90eb39c9792f1704e2169c6a5d768c5eeb1f78e8a5cd56549b776f568e4daff
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f