shrinke.me Open in urlscan Pro
2606:4700:3035::ac43:9770 Public Scan

URL: https://shrinkme.io/payout-rates
Title: Payout Rates

URL: https://shrinkme.io/pages/payment-proof
Title: Payment Proof

URL: https://blog.shrinkme.io/
Title: Blog

URL: https://shrinkme.io/auth/signin
Title: Login

URL: https://shrinkme.io/auth/signup
Title: Register

URL: https://shrinkme.io/pages/privacy
Title: Privacy Policy

URL: https://shrinkme.io/pages/terms
Title: Terms of Use

URL: https://shrinkme.io/pages/faq
Title: F.A.Q

URL: https://forms.gle/PSzDDwcQLJCjL8V8A
Title: ABUSE/DMCA

URL: https://www.facebook.com/shrinkme.io

URL: https://t.me/shrinkme_io

URL: https://valueimpression.com/?ref=shrinke.me

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=

Request Chain 61

https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=

Request Chain 69

https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7260487120502028&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=

Request Chain 87

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=XOS6Rnxpd2F2QVdtckRwY095aVRJOTQxYk5tdkRCSnBSbGEvMmNIcDI0ajdyYk13L0E4VHZXVjNnMmVrSHAzV1p0NzRsZ3hURHBQUDArUTl1MGZ4OUxTM045TVBZdjVGeG13S0k1Qm9xdy9FMStvRm5CSkRmaVpiK2t6TEYzc2o2QTE1S0RmeWxkbFNyR1JUdjViaFFoU2lUVHhPeXdUQjF2TmtIUHJtaXZ6MUdGN2dwL0Z5OTJUUkc0RkFjSzBiQnpUVGhHUWtTaWtCK0M1eTlVVG1jTlZZNUthOWNYc0dPeDlVdUhFSVh3Rlp2UHpRPXw&cppv=2

Request Chain 89

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=mu3KjXxXbEtST21ycTQxekdWNkUyZm1La2tHbGFxRFFnSXhiRTNMeWV5ckErVXlCbVUxTXY2NnVHYW5kYVRqbnhIenBiYTd5Q01EdlFiMEVPaHYxUDNVdnh2OUk0OHJjZUY2VjJrNFpEUnk3VjdYQVVCcVd1VFphUXkxSVRsbm85SzhKZ1lGYTNxemYrdGhrTDhDVnJPdC94WWVRWmpkZ3Z0cTRGMUNEbTg5R0paTHV0QzVPbWZ6bjFoVDVVYVVjdVpuVUh2ZXp1emdVVGZoaDlzd1pjWEtUTHFlMUtDZEdMdHVwcGM5N29rWkNiOFZnPXw&cppv=2

Request Chain 136

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=bUhEZ3w3Q0U2dmQrZTAxVm5MWHZhbWd1NFZlR0owQjRpYVJHQVZjVERSNHVhNk9SOHlKSzhBUHNCMEFaeVk1cHBUblROd2V0MU84V1IrcW4vYXl4RTc2SVBQd2ZTbHF1Z3FyLysrMjhMdHBGelc5NXpBNUltd3hub1JoYVg4d05Sbmh6QWtvWlpSWnI1dGZPM01ZVFc3VWQ1dDFiaWp1dkE5MUJxdnAwdW9NRDJzWHN6eEVvVThqVGFmL3lPUlEzTWliVTd3NzlQd3IwVTlXeWhXY1lSTE96N05VUVVic3lmRHk1TGxnOG03TDJUOGk4PXw&cppv=2

Request Chain 138

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=4YbX2Hx6VEdHOGF5YzV5TE5YYjF3OGpyVjNDWHFleEJIREd6T3pNdGVlQS9mZWthTkFEa3F0R0RrM1Bmd1ZuUXZKY25ZdllvZ1RKbnFxU1M1NW1DVStqRFEvTDRiYk5UbDIwV3BxZ2R3dXByY3FWSUJZR1ZIeHRXTHJmS05ZMTkxUlJrUEV6TjVITWlOUzloMjg1dGRsWG1mb0ptbHFYcmo4Y3dzaW0zcUxETHgyTWZtNERhN2xEQXNEZER0RHJuSlRQdkdhOXI3WTlsb2FvQmZBSWxFVEh0bWQwMlRIRmdFY2s4Wks2SnZKNXFxNm1JPXw&cppv=2

Request Chain 191

https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7260487120502028&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=

Request Chain 205

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D5ca5ceb377b58a05%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D5ca5ceb377b58a05%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=5ca5ceb377b58a05&uid=39563667ad0d6efa05a55af4

Request Chain 206

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D36c730bea59769b8%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D36c730bea59769b8%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=36c730bea59769b8&uid=39563667ad0d6efa05a55af4

Request Chain 214

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d

Request Chain 215

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4606aa8-b4e4-44c1-bd32-30abaa33a390

Request Chain 216

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1095359227152373409

Request Chain 218

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1095359227152373409

Request Chain 219

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HVPJkH1E2uEoxoMdF5yLTQE2lWzn3SxdHmYu7co-~A

Request Chain 220

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2979978277709350370

Request Chain 221

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-66190411-689f-454c-a081-979ae39789d8

Request Chain 222

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4

Request Chain 223

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa23cea97-db80-11eb-8b9e-02b322529300 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300

Request Chain 226

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 230

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2979978277709350370

Request Chain 231

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-PdQf07hE2uEBHVSMk61P72_Y68cGtgoIC_quV0o-~A

Request Chain 232

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8263369623774889826

Request Chain 233

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-22d0cb40-1dcd-4f4c-b4bb-79b9b4c29438

Request Chain 234

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4

Request Chain 235

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa23c9c8a-db80-11eb-91b2-06ce98f2e9c8 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23c9c8a-db80-11eb-91b2-06ce98f2e9c8

Request Chain 236

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d

Request Chain 237

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d1cbb6d7-7604-445d-a808-cb074a67aece

Request Chain 238

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8263369623774889826

Request Chain 241

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 244

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d

Request Chain 245

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d4e57417-da9b-41e9-b71d-6bb7bfb89e0e

Request Chain 246

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5028896942451452902

Request Chain 248

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1140373801212735255

Request Chain 249

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eU18wzBE2uFEjfOFeJTc62M1xZV.6LJbjIu582w-~A

Request Chain 250

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1140373801212735255

Request Chain 251

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-c68750b0-67cd-4c5a-900b-ecd27e2f80a5

Request Chain 252

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4

Request Chain 253

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa23cea97-db80-11eb-8b9e-02b322529300 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300

Request Chain 256

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 259

https://c1.adform.net/serving/cookie/match?party=14&cid=1FA49F31-635C-4598-A4E5-6505A4EF1748 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1FA49F31-635C-4598-A4E5-6505A4EF1748

Request Chain 262

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980451930616035476

Request Chain 263

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCcTIwN0J2eGdBQURkNXFkc3YyUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCcTIwN0J2eGdBQURkNXFkc3YyUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&_bee_ppp=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABpPk7BvxgAADjBcz9HYw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABpPk7BvxgAADjBcz9HYw&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABpPk7BvxgAADjBcz9HYw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 264

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 265

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5946876506 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5946876506 HTTP 302
https://sync.1rx.io/usersync/tradedesk/a7e5ae24-3133-47fc-befb-87c23acd098e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003

Request Chain 267

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=R52rwnbvav4xyGaYcLBJXE4m

Request Chain 269

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 270

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xnUIbu44vgF2&pid=557219

Request Chain 271

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d8508297-533f-4e03-bb61-192fac555bfe-tuct7d91184&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 272

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H6SfMWNcRZik5WUFpO8XSA%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H6SfMWNcRZik5WUFpO8XSA%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 273

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c1a660df-8c0c-4700-9609-5d275b42daaf

Request Chain 274

https://pixel.onaudience.com/?partner=214&mapped=1FA49F31-635C-4598-A4E5-6505A4EF1748 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=73a0c66952749df0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=23aef78c-9b20-48d4-7cb7-af27162fb716&reqId=81c46dcf-1a2d-4ecc-46a1-20e41a2ee71b&zcluid=73a0c66952749df0&zdid=1332 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=23aef78c-9b20-48d4-7cb7-af27162fb716&reqId=81c46dcf-1a2d-4ecc-46a1-20e41a2ee71b&zcluid=73a0c66952749df0&zdid=1332&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEIRO9R7WEo9E18X332X3jbs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=23aef78c-9b20-48d4-7cb7-af27162fb716&reqId=81c46dcf-1a2d-4ecc-46a1-20e41a2ee71b&zcluid=73a0c66952749df0&zdid=1332

Request Chain 275

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUZBNDlGMzEtNjM1Qy00NTk4LUE0RTUtNjUwNUE0RUYxNzQ4&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUZBNDlGMzEtNjM1Qy00NTk4LUE0RTUtNjUwNUE0RUYxNzQ4&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN9eFUSbeNlSK0IBzASCJf0&google_cver=1

Request Chain 278

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7413012034931079448

Request Chain 279

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:62b660df-8c0c-4b00-b009-acc459d00aa3&gdpr=0&gdpr_consent=

Request Chain 280

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4aad68c4-4587-4f21-a07c-476c9f0056bf

Request Chain 281

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8372263956767750951&gdpr=0&gdpr_consent=

Request Chain 283

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1FA49F31-635C-4598-A4E5-6505A4EF1748&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qcg2n5tE2uU1D80LvBxAzMQOCGVUo5Y-~A&gdpr=0&gdpr_consent=

Request Chain 284

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ggiBYoxb1TGZC9U0g1vINYIPhDaZDNU0jAznfKHL

Request Chain 285

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YN_MBQACMO6WqwBg HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN_MBQACMO6WqwBg&gdpr=0&gdpr_consent=&_test=YN_MBQACMO6WqwBg

Request Chain 286

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=79ec9133-428a-45e4-9f69-8495b013c0d6 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=79ec9133-428a-45e4-9f69-8495b013c0d6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=69ca6c79-aa10-41de-9092-142ae64b3b8c&user_group=1&ssp=pubmatic&bsw_param=79ec9133-428a-45e4-9f69-8495b013c0d6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79ec9133-428a-45e4-9f69-8495b013c0d6&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 287

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7443955337145363771&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 289

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:643ff6ec-387c-478d-80d9-ded0d99d1859&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 290

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 291

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8372263956767750951

Request Chain 292

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_55c3c9f6-fb01-4fb9-a914-2d7518ed6a77

Request Chain 293

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa23cea97-db80-11eb-8b9e-02b322529300 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300

Request Chain 294

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1095359227152373409

Request Chain 295

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d

Request Chain 296

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4606aa8-b4e4-44c1-bd32-30abaa33a390

Request Chain 297

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1095359227152373409

Request Chain 299

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eU18wzBE2uFEjfOFeJTc62M1xZV.6LJbjIu582w-~A

Request Chain 300

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1095359227152373409

Request Chain 301

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a3fc181c-d880-49e9-8206-4bb3d1aa3991

Request Chain 302

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4

Request Chain 313

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN-MBEmmPcA1OB4sWnlo2QAABKMAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN-MBEmmPcA1OB4sWnlo2QAABKMAAAAB&dcc=t

Request Chain 314

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YN-MBEmmPcA1OB4sWnlo2QAABKMAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YN-MBEmmPcA1OB4sWnlo2QAABKMAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGGpC-mgR8LXftHxpBGJ324&google_cver=1

Request Chain 315

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YN.MBEmmPcA1OB4sWnlo2QAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YN.MBEmmPcA1OB4sWnlo2QAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOvplDuMpx5tbKrVidT0frE&google_cver=1&gdpr=1&google_hm=2 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOvplDuMpx5tbKrVidT0frE&google_cver=1&gdpr=1&google_hm=2&C=1

Request Chain 316

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YN_MBQACMPWWnABg HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YN_MBQACMPWWnABg&gdpr=1&_test=YN_MBQACMPWWnABg

Request Chain 317

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=BA2AD63B3EA74A23961EDE1892E45F35&gdpr=1

Request Chain 319

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 321

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN-MBEmmPcA1OB4sWnlo2QAABKMAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN-MBEmmPcA1OB4sWnlo2QAABKMAAAAB&dcc=t

Request Chain 322

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YN-MBEmmPcA1OB4sWnlo2QAABKMAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YN-MBEmmPcA1OB4sWnlo2QAABKMAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJvdATEuilx5f97aRm32l9Q&google_cver=1

Request Chain 323

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YN.MBEmmPcA1OB4sWnlo2QAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YN.MBEmmPcA1OB4sWnlo2QAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELGghFw2HHhJPDWTGBx3uaY&google_cver=1&gdpr=1&google_hm=2 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELGghFw2HHhJPDWTGBx3uaY&google_cver=1&gdpr=1&google_hm=2&C=1

Request Chain 325

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6785495101642755623&uid=Q6785495101642755623&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 327

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=066b22040064b9ecf43f267b&expiration=[EXPIRATION]&gdpr=1

Request Chain 331

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YN.MBUmmPcA1OB4sWnlo3QAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YN.MBUmmPcA1OB4sWnlo3QAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMcQK_Y4jlk2FcGuyTk8I6A&google_cver=1&gdpr=1&google_hm=2 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMcQK_Y4jlk2FcGuyTk8I6A&google_cver=1&gdpr=1&google_hm=2&C=1

Request Chain 332

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YN-MBUmmPcA1OB4sWnlo3QAABIsAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YN-MBUmmPcA1OB4sWnlo3QAABIsAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHnAGQ6_RG_aWVuKzaDXKJE&google_cver=1

Request Chain 333

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN-MBUmmPcA1OB4sWnlo3QAABIsAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN-MBUmmPcA1OB4sWnlo3QAABIsAAAAB&dcc=t

Request Chain 335

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6785495101554355856&uid=Q6785495101554355856&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 336

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5a4b309b-434e-4cf0-9f2f-dd267f4ba54d

Request Chain 340

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN-MBUmmPcA1OB4sWnlo3wAABJ0AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YN-MBUmmPcA1OB4sWnlo3wAABJ0AAAAB&dcc=t

Request Chain 341

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YN-MBUmmPcA1OB4sWnlo3wAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YN-MBUmmPcA1OB4sWnlo3wAABJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEH_F-PBIRCegFhUvI12Ar4g&google_cver=1

Request Chain 342

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YN.MBUmmPcA1OB4sWnlo3wAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YN.MBUmmPcA1OB4sWnlo3wAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEmD__NbsaPd4TG7QFvL5TI&google_cver=1&gdpr=1&google_hm=2 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEmD__NbsaPd4TG7QFvL5TI&google_cver=1&gdpr=1&google_hm=2&C=1

Request Chain 344

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827872124029965

Request Chain 345

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABq207BvxgAADd5qdsv2Q&expiration=1626472709&gdpr=1

Request Chain 351

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 352

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uV0gKcq61LZrb95&gdpr=0&gdpr_consent=

Request Chain 353

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=BSvSwM83SwpHFelzsja4tgX9zjw

Request Chain 354

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A0D35C5C3803498D94D8AF5ECB6A4A8D

Request Chain 356

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1FA49F31-635C-4598-A4E5-6505A4EF1748&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1FA49F31-635C-4598-A4E5-6505A4EF1748&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1FA49F31-635C-4598-A4E5-6505A4EF1748&addseg=21

Request Chain 357

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1FA49F31-635C-4598-A4E5-6505A4EF1748&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1FA49F31-635C-4598-A4E5-6505A4EF1748&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 359

https://loadm.exelator.com/load/?p=204&g=71&buid=1FA49F31-635C-4598-A4E5-6505A4EF1748&gdpr=0&gdpr_consent=&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=71&buid=1FA49F31-635C-4598-A4E5-6505A4EF1748&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

Request Chain 360

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a4d3c24e-db80-11eb-a80a-17a6cf8907c7&gdpr=0&gdpr_consent=

Request Chain 362

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1FA49F31-635C-4598-A4E5-6505A4EF1748 HTTP 302
https://a.audrte.com/p

362 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request RdQypz Show response
shrinke.me/ 21 KB
7 KB 422ms
49ms Document
text/html 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/RdQypz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

926a416829bb76d217471661c7c01a0968f7a0354a4e84981c62645c7859aee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: shrinke.me
:scheme: https
:path: /RdQypz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:22 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
set-cookie: lang=en_US; expires=Mon, 27-Jun-2022 21:58:22 GMT; Max-Age=31104000; path=/ AppSession=efabdd8cc17b7d7308e40d831638c5d1; path=/; HttpOnly csrfToken=7f85b335aafbea9b2bf097da68c4df074be75e5f60cc2d90ee11112eec5bafe18917d1bfd13d4501751ccd11129acff9b84dd1ff5bb71288bfd477e3961ebf36; path=/; HttpOnly
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=To9NQmwvfUX3nGYn2xO%2F11FITZTjWLhphW8FecIvajf8jQ3mVYo%2B5dJDAe0JQCAeLAUhpwSUoyiXQ2MjO4oRFVwMGO01o1hd3fB56%2BMOc%2BMt4XgdYxfI9fVW%2FOgZignZkAyohw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 668b2298f8132bb9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
809 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4b13b091264448af149e519f01f3838360a69f04c20e42583b0a942ca912d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 21:19:57 GMT
server: ESF
date: Fri, 02 Jul 2021 21:58:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 21:58:23 GMT

GET
H3-29 200 styles.min.css
shrinke.me/modern_theme/build/css/ 187 KB
31 KB 56ms
39ms Stylesheet
text/css 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /modern_theme/build/css/styles.min.css?ver=6.4.0
pragma: no-cache
cookie: lang=en_US; AppSession=efabdd8cc17b7d7308e40d831638c5d1; csrfToken=7f85b335aafbea9b2bf097da68c4df074be75e5f60cc2d90ee11112eec5bafe18917d1bfd13d4501751ccd11129acff9b84dd1ff5bb71288bfd477e3961ebf36
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shrinke.me
referer: https://shrinke.me/RdQypz
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/RdQypz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 755361
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2ec69-5a22587d62000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=o3%2FXh4g7OlDwMW2uIHdDfraeQeJOnWg1OMF8%2FHDj4ynBLUvBtUvpT5cBP9fsWHOqUXXBgjq4hyVALtuGoQmWsSAkamVoQm0JxsN6Y7oaLyVXGkl0eaQhVtStFteuNVyeD9SfdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 668b229abc4605f9-FRA
expires: Sat, 24 Jul 2021 04:09:02 GMT

GET
H3-29 200 sw.js Show response
shrinke.me/ 96 KB
34 KB 63ms
47ms Script
application/javascript 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/sw.js

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4012e9491f341f35778b5a6ef11d3e3f2110ccdb8023dd9c28129ba6c5417d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sw.js
pragma: no-cache
cookie: lang=en_US; AppSession=efabdd8cc17b7d7308e40d831638c5d1; csrfToken=7f85b335aafbea9b2bf097da68c4df074be75e5f60cc2d90ee11112eec5bafe18917d1bfd13d4501751ccd11129acff9b84dd1ff5bb71288bfd477e3961ebf36
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shrinke.me
referer: https://shrinke.me/RdQypz
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/RdQypz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 755367
cf-polished: origSize=98240
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"17fc0-5a22587d62000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=245C0adpxBhrmWz9RdXUlhsghYlmZCqoQJxcvJC1rFoG5ebDnG405TVWS01%2BMvWOUb2GPzt8oTWTTGzEdjgb90aHQMrB0gcx1PZ5PD73p6FylI5Yl5iyaLKc%2FPjOKPsUdqQ9iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 668b229abc2805f9-FRA
expires: Sat, 24 Jul 2021 04:08:56 GMT

GET
H2 200 / Show response
d1r90st78epsag.cloudfront.net/ 284 KB
94 KB 315ms
207ms Script
text/plain 143.204.101.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1r90st78epsag.cloudfront.net/?etsrd=792297
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-28.fra50.r.cloudfront.net
Software: /
Resource Hash: 81cc36298002f32cc7ebce2b31e589903c085545aac09a88fe5ef3362d42276f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 95985
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-id: RttMEihRJqPvFN1hP-swhL2EeSDQ9aXSwIReoFGy7IrU-8jOPo4XhA==

GET
H2 200 logo-sm.webp
shrinkme.io/ 31 KB
31 KB 50ms
26ms Image
image/webp 2606:4700:3032::ac43:d1fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinkme.io/logo-sm.webp

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:d1fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 755381
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31236
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7a04-5a22587d62000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LFBQC1U2028PizaE3iPd1bMaBYjUo%2BTFgpEjRCgup9PLU99d0%2FwBbl5Vs6jq2M4u0JG2zmOsCPCkQJzEs8djWU83ofzhY4YkgJXY8Mbpj6gZimRrmL75UO%2BCQB6Vhz3IP976sJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 668b229cda2b4e55-FRA
expires: Fri, 24 Jun 2022 04:08:42 GMT

GET
H/1.1 200
OK 23826 Show response
coccusadmanlob.com/t3tgUSTlRzMe6Sv/ 0
0 212ms
54ms Script
text/html 172.255.6.49
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://coccusadmanlob.com/t3tgUSTlRzMe6Sv/23826
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 172.255.6.49 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://shrinke.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H3-29 200 qJpGKf7.png
shrinkme.io/ 7 KB
8 KB 35ms
21ms Image
image/png 2606:4700:3032::ac43:d1fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinkme.io/qJpGKf7.png

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ab53c20e7edb761a57f6969dc83a7c0cbeea6982f70a552426d48da024e74eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 754922
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7090
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Jun 2021 04:13:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1bb2-5c57b3dc02ddc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3hV0XZoSGCNnMdOxCITHh8gor0GhnW9EieKW581GeiHwZP3oemlFifKggd3Bo7UUtClcL%2BV21ddrxgTVJtAKV6d4j%2F0Wi24aEh649n6k6%2FKup7%2F%2FGXgLiQIzJHAho53wybroatQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 668b229d085863d1-FRA
expires: Fri, 24 Jun 2022 04:16:21 GMT

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ 7 KB
3 KB 62ms
37ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
server: cloudflare
age: 8816217
etag: W/"5fb1d3ed-1c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b229d592f3250-FRA
expires: Thu, 17 Mar 2022 21:01:26 GMT

GET
H3-29 200 email-decode.min.js Show response
shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: lang=en_US; AppSession=efabdd8cc17b7d7308e40d831638c5d1; csrfToken=7f85b335aafbea9b2bf097da68c4df074be75e5f60cc2d90ee11112eec5bafe18917d1bfd13d4501751ccd11129acff9b84dd1ff5bb71288bfd477e3961ebf36
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shrinke.me
referer: https://shrinke.me/RdQypz
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/RdQypz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0b0ad3f5c8000005f93602e000000001
last-modified: Tue, 29 Jun 2021 09:14:34 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60dae47a-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rTsCap5O3z%2FQqMUJCdLurwuzLvPZfN5vHUJxibtGITHAr%2FSJLNgs8eyvla8xJ4Jj6%2F4v4A%2BB7N4cbfdfejhK66WQYhFTfK4VAcBDa0Bdl8E%2FgFGiKPT3auqE3IAHlJdJ8%2FiC2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 668b229c78ae05f9-FRA
expires: Sun, 04 Jul 2021 21:58:23 GMT

GET
H3-29 200 ads.js Show response
shrinke.me/js/ 190 B
748 B 18ms
18ms Script
application/javascript 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/js/ads.js

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: lang=en_US; AppSession=efabdd8cc17b7d7308e40d831638c5d1; csrfToken=7f85b335aafbea9b2bf097da68c4df074be75e5f60cc2d90ee11112eec5bafe18917d1bfd13d4501751ccd11129acff9b84dd1ff5bb71288bfd477e3961ebf36
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shrinke.me
referer: https://shrinke.me/RdQypz
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/RdQypz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 755400
cf-polished: origSize=191
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"bf-5a22587d62000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZLKDu5eBT3sYSyJChNJ6EpDN9e1SzvxGPt0%2B7m%2Bp89RBS4P65VcuyxBUkMz0T%2Fob0q5h2SA9v4pTBCfqYuQ9lWek1m7dXdkUL%2FHk8YSUdbasYuIzzes0lIfGE5sAMGVOUp7bDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 668b229c88d305f9-FRA
expires: Sat, 24 Jul 2021 04:08:23 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 31ms
12ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b0ad3f69400003128832fc000000001
last-modified: Tue, 29 Jun 2021 09:14:34 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60dae47a-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kc6t2flmeforq1pXcwAKi6rBIO3v3wagQDkMJ7KZzi%2BEQZYP%2FrbSLTXkNMdTKFMFsq8hUvtySa9AZrqzI1faDLC%2FFiiA5cnnB6ZOqtF8wcN%2FQyNqxVH1h1uHrTSfjJ26UTzi0h6THGOYIJ%2F2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 668b229db92c3128-FRA
expires: Sun, 04 Jul 2021 21:58:23 GMT

GET
H2 200 MnFEeGRJUzcPO0cDKFpeEBkwDBRBS2tXF1oDLRYPV18pHUtBBmoSFxBdZgsJVFN%2BSUgQBSUfO1sVZkJGBUh2Sl0LU2haF0cTGxEAAFN%2BWgIDF3cbXVNCaU8GB0lpTFZRSGlAUVdBaRxdU0d9GVcGQiBJXRAM Show response
leaderhistliness.info/ 56 KB
21 KB 667ms
141ms Script
application/javascript 52.86.219.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://leaderhistliness.info/MnFEeGRJUzcPO0cDKFpeEBkwDBRBS2tXF1oDLRYPV18pHUtBBmoSFxBdZgsJVFN%2BSUgQBSUfO1sVZkJGBUh2Sl0LU2haF0cTGxEAAFN%2BWgIDF3cbXVNCaU8GB0lpTFZRSGlAUVdBaRxdU0d9GVcGQiBJXRAM
Requested by: Host: shrinke.me
URL: https://shrinke.me/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.86.219.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-219-129.compute-1.amazonaws.com
Software: / Express
Resource Hash: 26f6f9576fc80db0c13fd5c5267ee21f6cbdb0640fcd1794cd32ba392cc7386b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"df6b-iWiGatowt1/bFOWM0EvvN0+StQg"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H3-29 200 header9.webp
shrinkme.io/ 127 KB
128 KB 23ms
22ms Image
image/webp 2606:4700:3032::ac43:d1fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinkme.io/header9.webp

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 755381
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 130482
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1fdb2-5a22587d62000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xnwX6SKlZ%2BezXGmTXpjn%2FOuJLV8siVFqzN9mEL5eBE8BBDx3ivUQSmdkfXwyPuXA1F9bPvJQAyUJqTj473JAucNhJ4TjxKZyK%2B5dWdHYZFa%2BA1ZAx9VjyVpsf3z69siAoqEn7Qo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 668b229f491563d1-FRA
expires: Fri, 24 Jun 2022 04:08:42 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 02:22:03 GMT
x-content-type-options: nosniff
age: 243380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 02:22:03 GMT

GET
H3-29 200 fontawesome-webfont.woff2
shrinke.me/modern_theme/build/fonts/ 75 KB
76 KB 15ms
14ms Font
font/woff2 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/modern_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: shrinke.me
URL: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://shrinke.me
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: lang=en_US; AppSession=efabdd8cc17b7d7308e40d831638c5d1; csrfToken=7f85b335aafbea9b2bf097da68c4df074be75e5f60cc2d90ee11112eec5bafe18917d1bfd13d4501751ccd11129acff9b84dd1ff5bb71288bfd477e3961ebf36
:path: /modern_theme/build/fonts/fontawesome-webfont.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: shrinke.me
referer: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://shrinke.me
Referer: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5468
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "12d68-5a22587d62000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FHKUCM8Pc4NcgHBMuN%2BQm8qiCFN8UMHqD%2B0vFaiUnssl9rZfB40Sojzxh0tLOv2H5CBKIdYNmW3nPCYKAITDRzVn%2FyK9s%2FmpoTdd%2FUBi2%2FShxEwi182DovRzvPghqlUYYyitIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 668b229f4f6305f9-FRA

GET
H3-29 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ 30 KB
30 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 19:48:00 GMT
x-content-type-options: nosniff
age: 267023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 19:48:00 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
1020 B 260ms
15ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

875a9d669726bcdac9e110254170e94ecf7ad470f20da3fdf552f4e2aa928abd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Fri, 02 Jul 2021 21:58:24 GMT

GET
H3-29 200 script.min.js Show response
shrinke.me/modern_theme/build/js/ 202 KB
57 KB 31ms
29ms Script
application/javascript 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shrinke.me/modern_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /modern_theme/build/js/script.min.js?ver=6.4.0
pragma: no-cache
cookie: lang=en_US; AppSession=efabdd8cc17b7d7308e40d831638c5d1; csrfToken=7f85b335aafbea9b2bf097da68c4df074be75e5f60cc2d90ee11112eec5bafe18917d1bfd13d4501751ccd11129acff9b84dd1ff5bb71288bfd477e3961ebf36
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shrinke.me
referer: https://shrinke.me/RdQypz
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/RdQypz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 755382
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 12:16:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"32956-5a22587d62000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iorQ3ukc07GmVkpKAowgDDoqoN5uCfdFsbecfe5pEA%2B9%2FSNG3NaHZ5GtUpE1MJfM%2BtvEp81dpL3t1pr80e6dfrf5hBKoTwzhQjrit0Xe6PVlE1mXem20p34mT5CCFm6tgwzSBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 668b229f980e05f9-FRA
expires: Sat, 24 Jul 2021 04:08:41 GMT

GET
H2 403 1844b8e470c024a415cff51a0843d71c.js
praiserevision.com/18/44/b8/ 0
0 417ms
138ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://praiserevision.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Jul 2021 21:58:24 GMT
server: nginx/1.17.6
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 / Show response
services.vlitag.com/adv1/ 932 B
1 KB 368ms
125ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32f04f52756e3d9df9e3438888bf6f94eca053bdf210a6c0dea4f5b13de9392e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 2 Jul 2021 21:58:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9ugcPfv6i%2B9C%2FRNA%2FFz2NIKg86nOwXsXEPCd7IZU1ts%2BuL7dNNN3m8WQXqDHd796WhFcYDNhHk6qXFTH7%2F0hAEoB%2BSfJ%2BX8q27lbuTZLhaTmRDASpQBa4LO5epc3BcK3WbOFqoYbk4ncgMuf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 668b22a12f684e08-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 252ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:24:41 GMT
server: nginx
etag: W/"573f4859-14e4a"
vary: Accept-Encoding
x-hw: 1625263104.dop218.fr8.t,1625263104.cds278.fr8.hn,1625263104.cds130.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137383949-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49e1d30d90baec31dd6fe8806a60d7ea6473d374acb377426173659a45e92f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37014
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Jul 2021 21:58:23 GMT

GET
H3-29 200 RdQypz
shrinke.me/ 21 KB
21 KB 50ms
50ms Image
text/html 2606:4700:3035::ac43:9770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinke.me/RdQypz

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /RdQypz
pragma: no-cache
cookie: lang=en_US; AppSession=efabdd8cc17b7d7308e40d831638c5d1; csrfToken=7f85b335aafbea9b2bf097da68c4df074be75e5f60cc2d90ee11112eec5bafe18917d1bfd13d4501751ccd11129acff9b84dd1ff5bb71288bfd477e3961ebf36
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shrinke.me
referer: https://shrinke.me/RdQypz
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shrinke.me/RdQypz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 668b229f981005f9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QIGU2lx8reU4pWip4fNxScQUrWZ%2F3UgRfzi15Bdd%2Fy9iTt2IJzZ0gtjfW9w7dbmAMP209x%2Bn8Q7mNxnyB3Xw8vAgAZ%2FD4ZeT3gnvM0EzwBo0uft4gUgX8OnwOtFLVs4PtJxbwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex, nofollow
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 10:05:12 GMT
x-content-type-options: nosniff
age: 215591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:05:12 GMT

GET
H2 403 1844b8e470c024a415cff51a0843d71c.js
praiserevision.com/18/44/b8/ 0
0 146ms
146ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://praiserevision.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Jul 2021 21:58:24 GMT
server: nginx/1.17.6
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137383949-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1019
date: Fri, 02 Jul 2021 21:41:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 02 Jul 2021 23:41:25 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=658810091&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FRdQypz&ul=en-us&de=UTF-8&dt=ShrinkMe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2009076746&gjid=855773383&cid=264001612.1625263104&tid=UA-137383949-1&_gid=1569640311.1625263104&_r=1&gtm=2ou6u0&z=1412846

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-137383949-1&cid=264001612.1625263104&jid=2009076746&gjid=855773383&_gid=1569640311.1625263104&_u=YEBAAUAAAAAAAC~&z=1199381255

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 02 Jul 2021 21:58:24 GMT
content-type: text/plain
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-137383949-1&cid=264001612.1625263104&jid=2009076746&_u=YEBAAUAAAAAAAC~&z=444013788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-137383949-1&cid=264001612.1625263104&jid=2009076746&_u=YEBAAUAAAAAAAC~&z=444013788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame 14BA 4 KB
5 KB 827ms
386ms Script
application/javascript 52.34.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/RdQypz
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 498fd27eb6dc4514f79d6a0e0f8ac0a2743600d36313d087a0af349b9c918c1b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: nginx
x-adtrue-instance: java1
content-length: 4578
content-type: application/javascript

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame B201 4 KB
5 KB 642ms
207ms Script
application/javascript 52.34.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/RdQypz
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 12a0241564451caa4b0a2500a7bcaa051fa8cd696faed6093a59eefa9e9a0885

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: nginx
x-adtrue-instance: java2
content-length: 4578
content-type: application/javascript

GET
H3-29 200 / Show response
services.vlitag.com/uv/ 13 B
676 B 140ms
130ms XHR
application/json 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fshrinke.me%2FRdQypz&mtk=8509

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 2 Jul 2021 21:58:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TdWmEc1QUu9wRHf%2FGCU%2B4MRoDl73vUCPoQMgv8fUl9RB44wBksc7aIGjgkQ7bAETwb8KWPrsyeNeVjy5x4DAsjcBp850oHdpG8RDLrVgh7%2FDDvQiAZrS4FPCA8RLy7eyzKpMVKBqz5j2UYd3"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 668b22a419364e20-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 b696d0f5c06dbd9fd83feb568718537b.js Show response
tag.vlitag.com/v1/1625130809/ 501 KB
114 KB 48ms
33ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0f3d7193457684ae399a8059a8c7ed3b4c9d955954790a6a7c0515328c85825

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 132293
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HkmFN66C4donzSFCH26Xi5DqonplfsIFJmNdiXTfkPUSA5J7wKd0QUwLG6yE5b9Z4qchqjFEpO9fMFw%2F%2FWx8gyAnjz5A1VSJRGw7AImyGqU6TDbjLh4TUYgbR6Hfnb4Fr68m8heFvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 668b22a42e8d4e08-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/ 341 KB
133 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad28998a980be42a6734032f14ba4f38dcbcff1dc99303d7141574a71917aa37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135608
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 04:05:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Jul 2022 12:12:13 GMT

GET
H3-29 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 4C14 40 KB
20 KB 43ms
29ms Document
text/html 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&size=normal&cb=cn8knd2cnbi9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec3901219beb934b6d5558718b6f77105aa2ff21ddbf5967ab9fff5d3e2d5d24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0wRF8vXqMeJ2hc1SNCCVJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recaptcha.net
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&size=normal&cb=cn8knd2cnbi9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Jul 2021 21:58:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-0wRF8vXqMeJ2hc1SNCCVJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20634
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 41ms
32ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 779536
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QjwYGVgK3Tasj%2Ftfg89XrsG0QmNdwfUOSc0K52%2BI7C%2BLquXMgc6YwTEshB6wOUZBNOzjzhiqh39KXDv7kJvHRzO39tvlaWN8wJPCMXthmDXxcnTDA%2Bd7zRuNIZ%2BYq5LTIr2JG0NGZkgaOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 668b22a4bfc44e08-FRA
expires: Wed, 23 Jun 2021 21:56:07 GMT

GET
H2 200 prebid-v5.0.3.js Show response
assets.vlitag.com/prebid/default/ 428 KB
120 KB 44ms
36ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be60df08d3dbb55a9354bfee50dbce87d57372552f622e36ba5e1228d7f67d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1003382
cf-polished: origSize=438213
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 21 Jun 2021 07:15:14 GMT
server: cloudflare
etag: W/"60d03c82-6afc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8zImoL6rJFsJo7MwNhl5zGSMZAu%2BsgaBpBIz9mga3lrDWCF7hiVjUsM4G7Hi5zoSlGeY3d2kxljTovmtnQ11E%2Bfec9%2BUBRuNfr48uXrEJuW2MjhwwtUFG5e5xgzHoqBYL5uKD3g3O7oPBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 668b22a4bfc24e08-FRA
expires: Mon, 21 Jun 2021 07:45:22 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 69 KB
24 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87382837ed6beacde45806f327186623968425447a3b56df8e62fe288b6299ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "919 / 374 of 1000 / last-modified: 1625224147"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24287
x-xss-protection: 0
expires: Fri, 02 Jul 2021 21:58:24 GMT

GET
H2 200 viPlayer_v45.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 13 KB
5 KB 42ms
34ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v45.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1571316
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 14 Jun 2021 17:20:56 GMT
server: cloudflare
etag: W/"60c78ff8-34ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dZDMZnNfBcgjhP2heQs6VO37mhJ%2F6mfQXH%2FaL9Nd%2FYmfXA1YNnRFxQC%2Fjf9iqpe6ZY0EcDWt4e3Qg3xD%2BRZO%2FZfMhwWKhcUE7w%2FIcybwCnhhrzox1GdsurnuZ6uixoszFVW1Ah3xi4VPyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 668b22a4bfc14e08-FRA
expires: Mon, 14 Jun 2021 17:59:48 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 339 KB
117 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Fri, 02 Jul 2021 21:58:24 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
16 KB 29ms
22ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1574208
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PpdiXAL3hC26P670BF5cuh%2BTxFBizuyiB9iAeiiubUdYG4bgS5rpXTd6682vtwfXwODJrj8D1gT1Tdz%2BU5LkpvFNVzcxX1jQh%2BrLGfZ53rO4QVFvIWGTPW2afI75%2BlyO4ReyoR7XQEBYzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 668b22a4bfc54e08-FRA
expires: Mon, 14 Jun 2021 17:11:36 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/ Frame 4C14 52 KB
52 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&size=normal&cb=cn8knd2cnbi9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 09:44:52 GMT
vary: Accept-Encoding
last-modified: Mon, 21 Jun 2021 04:05:07 GMT
server: sffe
x-content-type-options: nosniff
age: 44012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52867
x-xss-protection: 0
expires: Sat, 02 Jul 2022 09:44:52 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/ Frame 4C14 341 KB
132 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad28998a980be42a6734032f14ba4f38dcbcff1dc99303d7141574a71917aa37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135608
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 04:05:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Jul 2022 12:12:13 GMT

GET
H2 200 pubads_impl_2021062901.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
115 KB 153ms
54ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

b3af206751cc535ea2f272ee9c3b5a3d2ce8957a719c103720234c2a02472c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 08:36:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117057
x-xss-protection: 0
expires: Fri, 02 Jul 2021 21:58:24 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 29 B
702 B 153ms
54ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shrinke.me

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

5c0c27a6374a3e00135c48696af6bb25a95a4c10c5bc1197602514eda85c4e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45
x-xss-protection: 0
expires: Fri, 02 Jul 2021 21:58:24 GMT

GET
DATA 200
OK truncated
/ Frame 4C14 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4C14 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4C14 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 23:32:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 253546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 06 Jul 2021 23:32:38 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4C14 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.recaptcha.net
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 08:09:57 GMT
x-content-type-options: nosniff
age: 222507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 08:09:57 GMT

GET
H3-29 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 4C14 102 B
132 B 17ms
17ms Other
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbbbc429a4bd535adb45f9ee2f1f8b899a9dbfccb4e11408e3ccc177563c2ce3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&size=normal&cb=cn8knd2cnbi9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 02 Jul 2021 21:58:24 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1017 B 6ms
5ms XHR
application/json 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210702

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0a44a90c2edd5780af8fb2a7d0cfb6bd13e2096fe50b5145830b0d8eaf878ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 24835
x-jsd-version: 1.0.1025
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 946
etag: W/"699-pi0AYHZpkCMZrLaGwRdkqJz2ixo"
x-served-by: cache-fra19144-FRA, cache-hhn4024-HHN
x-jsd-version-type: version
date: Fri, 02 Jul 2021 21:58:24 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
358 B 275ms
259ms XHR
text/plain 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://shrinke.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sMM10N9X2OrEYRLv%2FxMN070eqsnP9Rm56GYkIQkILNJnYTLuxxp0atHPFsdr0qAFK53Gu6xrCLnsav%2FplXddOGHdinvA6o5ehXYFi1sVwfIuWDBErFXcOn3vxjoFijOJ4yLiiuodBi2F8WP8Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 668b22a62f074dfa-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 144 B
823 B 166ms
64ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7809921fada1b43a9ff8c95644ad853833b9f0f0083256fc2cb2b7b8e37a1339

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:25 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: cedb0f50-1695-4617-9d67-9fd82f95b182
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
258 B 444ms
201ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 76
vary: origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
183 B 188ms
64ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.0.0&cb=69968723281
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:24 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=...
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0...

578 B
990 B

54ms
53ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 7727a727f79295af2e8180f3d07a7ea43737247dcb151075be57f9bbd1ec1666

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://shrinke.me
expires: Fri, 02 Jul 2021 21:58:25 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 578
x-sid: AMS-607

Redirect headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: openresty
access-control-allow-origin: https://shrinke.me
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-607

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
172 B 579ms
193ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
183 B 180ms
64ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.0.0&cb=41772040433
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:24 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
611 B 253ms
250ms XHR
text/plain 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://shrinke.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4W9uhOpSESRBSxP8d3EqW0BsWUW0xHcDI%2B79%2FSIGgG9vCsI2mokx5vvTAbce0VrC5yxk0X61aKa5HsPAaM4sQz0udMXaz%2Bn%2FNTAUk5KVWzDAHSL%2BqDRpvqJSgW6NmJ3pOZM%2F3Yu4gWcQRmHvtw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 668b22a62f0b4dfa-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 144 B
823 B 177ms
84ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e29427d19fd20b074d63feec3a5dea1b58d7ad50131bd2b2bc4c5fbeb77c52ab

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:25 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 382cdbff-7a9b-4c72-93dc-0cb8b3e94794
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=...
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0...

578 B
989 B

55ms
54ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 7727a727f79295af2e8180f3d07a7ea43737247dcb151075be57f9bbd1ec1666

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://shrinke.me
expires: Fri, 02 Jul 2021 21:58:25 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 578
x-sid: AMS-607

Redirect headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: openresty
access-control-allow-origin: https://shrinke.me
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-607

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
361 B 384ms
154ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:24 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 32
vary: origin

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
172 B 570ms
193ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
183 B 168ms
64ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.0.0&cb=24050864947
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 262 B
941 B 166ms
73ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

728281cd5f19115bb2008fd4a76defd5852839e5d0aaba45c800e66c1a415e81

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:25 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 6b1599bd-a2d1-4b33-9807-0fd14447cf87
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
234 B 429ms
210ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 88
vary: origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
365 B 409ms
408ms XHR
text/plain 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://shrinke.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=goxyYg2M92cApa417mFXOBYW2H%2FBjx0moIzVqe9s%2Bfr8JNAQZXPiCV3VMcjbO8pgOwLGfoPtT2xz155Qd6wgGA4EfrZ7wfKVTJRaR%2B8K%2BY%2BBQ6C9LJhnAsjmzsCT2W75DNjEVT%2FS1CqBkEjgzg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 668b22a63f374dfa-FRA

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
172 B 558ms
193ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7260487120502028&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fsh...
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%...

578 B
990 B

55ms
54ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: e63b6925de76805146fe8389328ef98a55dfc3bbc8e8679e1cfed88532bb3124

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://shrinke.me
expires: Fri, 02 Jul 2021 21:58:25 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 578
x-sid: AMS-607

Redirect headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: openresty
access-control-allow-origin: https://shrinke.me
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-607

GET
H3-29 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
75 KB 40ms
29ms Image
image/webp 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13150
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 75514
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4vkyHodZRRTbBL0nmjc6ByEVBpCTudAaMwspeX1A5IOKqH8crrFjMcIeck5tokwXRCKJgP1IkycSQuhYMo7aRYwVCI5VCJ27x9swtPrq7o7CSd0OdBpfKWXRtK1yjn9KXbjRke22iqMdRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 02 Jul 2021 18:49:15 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 668b22a65a570ebb-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 bframe Show response
www.recaptcha.net/recaptcha/api2/ Frame 3837 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&cb=cmkfhjaqz8em

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

15965c6dc0579da1ab765e10154742ddee465a7c7d8d86c6db712a7cc9754a5f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ERy6aVCMcsOLySxTq5VB9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recaptcha.net
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&cb=cmkfhjaqz8em
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Jul 2021 21:58:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-ERy6aVCMcsOLySxTq5VB9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1115
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/ Frame 3837 52 KB
52 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&cb=cmkfhjaqz8em

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 09:44:52 GMT
vary: Accept-Encoding
last-modified: Mon, 21 Jun 2021 04:05:07 GMT
server: sffe
x-content-type-options: nosniff
age: 44013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52867
x-xss-protection: 0
expires: Sat, 02 Jul 2022 09:44:52 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/ Frame 3837 341 KB
132 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/eKRIyK-9MtX6JxeZcNZIkfUq/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=eKRIyK-9MtX6JxeZcNZIkfUq&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&cb=cmkfhjaqz8em

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad28998a980be42a6734032f14ba4f38dcbcff1dc99303d7141574a71917aa37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135608
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 04:05:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Jul 2022 12:12:13 GMT

GET
H2 200 prebid.js Show response
cdn.adtrue.com/pb/ Frame B201 257 KB
82 KB 17ms
16ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 05:31:13 GMT
server: cloudflare
age: 8816209
etag: W/"5f3f5c21-405dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22a7ed333250-FRA
expires: Thu, 17 Mar 2022 21:01:36 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame B201 250 KB
78 KB 153ms
51ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 10:00:55 GMT
server: Apache/2.2.15 (CentOS)
etag: "1241a12-3e6b0-5c21f162d696a"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=156461
accept-ranges: bytes
content-type: text/javascript
content-length: 78804
expires: Sun, 04 Jul 2021 17:26:06 GMT

GET
H2 200 ga.js Show response
cdn-adtrue.com/track/ Frame B201 751 B
939 B 51ms
13ms Script
application/x-javascript 2606:4700:3038::6815:eb9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8013914
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 01 Apr 2021 03:35:26 GMT
server: cloudflare
etag: W/"60653f7e-2ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0AFBUwGyIToGnssYjDmvh3NqBXv3YjeLKmlTF1quP%2Bf63MPBAbIsLzS7nTcnqmKWZZPrXfplGgSA6nbmzeo0I%2BNHlvneKuG%2FYWXap%2F78UjOHjjWQmr6AvTRMaqma%2BT90PuaWnD7wbvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22a81eff4aa3-FRA
expires: Sun, 27 Mar 2022 03:53:11 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B201 0
183 B 61ms
61ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=88654983656
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B201 0
112 B 239ms
136ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B201 143 B
1 KB 164ms
70ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6a1d31249c0ba4a2cf6d852f1632360435ea920ae3846a5aba3bcd745893db27

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:25 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3b264e71-cd01-4090-a1e9-54d67aea8d79
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prebid.js Show response
cdn.adtrue.com/pb/ Frame 14BA 257 KB
82 KB 20ms
20ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 05:31:13 GMT
server: cloudflare
age: 8816209
etag: W/"5f3f5c21-405dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22a8ff393250-FRA
expires: Thu, 17 Mar 2022 21:01:36 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 14BA 250 KB
78 KB 55ms
54ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 10:00:55 GMT
server: Apache/2.2.15 (CentOS)
etag: "1241a12-3e6b0-5c21f162d696a"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=156461
accept-ranges: bytes
content-type: text/javascript
content-length: 78804
expires: Sun, 04 Jul 2021 17:26:06 GMT

GET
H3-29 200 ga.js Show response
cdn-adtrue.com/track/ Frame 14BA 751 B
947 B 39ms
30ms Script
application/x-javascript 2606:4700:3038::6815:eb9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/RdQypz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8013914
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 01 Apr 2021 03:35:26 GMT
server: cloudflare
etag: W/"60653f7e-2ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k5On4O7Cic6zHuIx3OqpWty8Utj8WI%2FNzeiUvnpv2aqYjgmWiVljJqQJFqn661wtyfJW2%2B%2B0GzmuCPlvuuaNvoBRvDKYfvYfh69u%2F7NdLaoFlgPR9B6jnAjVtKVVWv%2B89DnErswZ3nw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22a90f64e007-FRA
expires: Sun, 27 Mar 2022 03:53:11 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 14BA 0
56 B 133ms
133ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 14BA 0
183 B 62ms
60ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=53125804508
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 14BA 143 B
1 KB 56ms
56ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5c263392f3edeed7e81257832b22caf8f5130da8d7e24b517be9d47d8ce47d51

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:25 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9182dac9-1317-4083-a356-cefb07c4671a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 72ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://shrinke.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://shrinke.me
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1348
date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame B201
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
https://mug.criteo.com/sid?cpp=XOS6Rnxpd2F2QVdtckRwY095aVRJOTQxYk5tdkRCSnBSbGEvMmNIcDI0ajdyYk13L0E4VHZXVjNnMmVrSHAzV1p0NzRsZ3hURHBQUDArUTl1MGZ4OUxTM045TVBZdjVGeG13S0k1Qm9xdy9FMStvRm5CSkRmaVpiK2t6TE...

348 B
609 B

163ms
55ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XOS6Rnxpd2F2QVdtckRwY095aVRJOTQxYk5tdkRCSnBSbGEvMmNIcDI0ajdyYk13L0E4VHZXVjNnMmVrSHAzV1p0NzRsZ3hURHBQUDArUTl1MGZ4OUxTM045TVBZdjVGeG13S0k1Qm9xdy9FMStvRm5CSkRmaVpiK2t6TEYzc2o2QTE1S0RmeWxkbFNyR1JUdjViaFFoU2lUVHhPeXdUQjF2TmtIUHJtaXZ6MUdGN2dwL0Z5OTJUUkc0RkFjSzBiQnpUVGhHUWtTaWtCK0M1eTlVVG1jTlZZNUthOWNYc0dPeDlVdUhFSVh3Rlp2UHpRPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

28c59e01db3d7d487eba533696bcbf5f410b6b1aac2cb02c016908070fdf382e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 02 Jul 2021 21:58:25 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2149
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 02 Jul 2021 21:58:24 GMT
location: https://mug.criteo.com/sid?cpp=XOS6Rnxpd2F2QVdtckRwY095aVRJOTQxYk5tdkRCSnBSbGEvMmNIcDI0ajdyYk13L0E4VHZXVjNnMmVrSHAzV1p0NzRsZ3hURHBQUDArUTl1MGZ4OUxTM045TVBZdjVGeG13S0k1Qm9xdy9FMStvRm5CSkRmaVpiK2t6TEYzc2o2QTE1S0RmeWxkbFNyR1JUdjViaFFoU2lUVHhPeXdUQjF2TmtIUHJtaXZ6MUdGN2dwL0Z5OTJUUkc0RkFjSzBiQnpUVGhHUWtTaWtCK0M1eTlVVG1jTlZZNUthOWNYc0dPeDlVdUhFSVh3Rlp2UHpRPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1678
content-length: 482
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 52ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://shrinke.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://shrinke.me
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1407
date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 14BA
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
https://mug.criteo.com/sid?cpp=mu3KjXxXbEtST21ycTQxekdWNkUyZm1La2tHbGFxRFFnSXhiRTNMeWV5ckErVXlCbVUxTXY2NnVHYW5kYVRqbnhIenBiYTd5Q01EdlFiMEVPaHYxUDNVdnh2OUk0OHJjZUY2VjJrNFpEUnk3VjdYQVVCcVd1VFphUXkxSV...

350 B
609 B

162ms
54ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mu3KjXxXbEtST21ycTQxekdWNkUyZm1La2tHbGFxRFFnSXhiRTNMeWV5ckErVXlCbVUxTXY2NnVHYW5kYVRqbnhIenBiYTd5Q01EdlFiMEVPaHYxUDNVdnh2OUk0OHJjZUY2VjJrNFpEUnk3VjdYQVVCcVd1VFphUXkxSVRsbm85SzhKZ1lGYTNxemYrdGhrTDhDVnJPdC94WWVRWmpkZ3Z0cTRGMUNEbTg5R0paTHV0QzVPbWZ6bjFoVDVVYVVjdVpuVUh2ZXp1emdVVGZoaDlzd1pjWEtUTHFlMUtDZEdMdHVwcGM5N29rWkNiOFZnPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ebd5d99b50add1128c689352a4157a4686dd8a05b4a6910dcc82ef942c56e122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 02 Jul 2021 21:58:25 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1760
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 02 Jul 2021 21:58:24 GMT
location: https://mug.criteo.com/sid?cpp=mu3KjXxXbEtST21ycTQxekdWNkUyZm1La2tHbGFxRFFnSXhiRTNMeWV5ckErVXlCbVUxTXY2NnVHYW5kYVRqbnhIenBiYTd5Q01EdlFiMEVPaHYxUDNVdnh2OUk0OHJjZUY2VjJrNFpEUnk3VjdYQVVCcVd1VFphUXkxSVRsbm85SzhKZ1lGYTNxemYrdGhrTDhDVnJPdC94WWVRWmpkZ3Z0cTRGMUNEbTg5R0paTHV0QzVPbWZ6bjFoVDVVYVVjdVpuVUh2ZXp1emdVVGZoaDlzd1pjWEtUTHFlMUtDZEdMdHVwcGM5N29rWkNiOFZnPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1831
content-length: 482
expires: 0

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame 596D 753 B
552 B 15ms
14ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Oct 2020 03:26:52 GMT
server: cloudflare
age: 8815887
etag: W/"5f98e4fc-2f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22a9b85b3250-FRA
expires: Thu, 17 Mar 2022 21:06:57 GMT

GET
H3-29 200 / Show response
tag.vlitag.com/passback/ Frame 44EE 402 B
822 B 17ms
17ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passback/?t=1625130809&d=8509&z=29441&divID=vi_850929441_768&w=320&h=100

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6263f35dcb57865abc7bb83ca17b3bf6b561f7866e26136b27c9d8e4267a8991

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 121803
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B8G1ad80EcGST31qxfkaoFvTIRBqUQ5%2FE0mcazgFmwsc5YaElaWR28Tgtk%2F7eQg00PhuTwAbA3PPDlWhfJKLcm%2BRisW29vZXEY%2FI5f5L3nvhLnoJGK%2B7Ewk8iGKB2VktjD7mKEsxIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 668b22a9c8b10ebb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.vlitag.com/pi/ Frame 44EE 0
257 B 130ms
129ms Image
image/jpeg 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNyZMUPyUB-qZqe-PyKZ-wTrU-aqayZaPeKeYyRzNhqllwqe0RrNMZAaRmNYaPPTRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=knS62CyM%2BsFEfeIDWBwb1lyAXUJLn0u6C2xZVAZrboj2ohZN3sEu0P%2Bj5P9x1PHdS%2BhVIT3kGWI82YqcrfBccEt3V8biJ6IS1XRQKbJBt%2Btnn9JHtQ2%2FI2phvZftwTGmUMM%2ByaamDgSr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 668b22a9ca9c4e08-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0

GET
H3-29 200 / Show response
tag.vlitag.com/passback/ Frame 9FCC 195 B
732 B 17ms
16ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passback/?t=1625130809&d=8509&z=29440&divID=vi_850929440_201&w=970&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1b65da7e1759e98a2f61c7c52b78089e03473fbfa1fe85e8891e3255cbbf9f5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 94039
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1wdSYY92bE3yoTwBL0l%2Bdr%2BtgdZT1dMLsmCxRB%2FMPwDTlJz6p5PDL7YMgi5IjdGv%2FAyRW8UP4rQ7kzBoCYwAV5pzgVJpKm%2Faibn7CQOSzdx%2F1yWry%2FDGgF1ji4YvRPFTt75DN8iE4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 668b22a9c8bb0ebb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.vlitag.com/pi/ Frame 9FCC 0
520 B 116ms
115ms Image
image/jpeg 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNAtYKtrey-PUTP-PMYZ-MaZZ-AaqeArrKTaMTRzNhqllwqe0RrNMZAaRmNYaPPARrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jwsmBMCx114IYah3G51y0gek2ock9W%2FnLRThBsK0hjhRpodF8%2Fxue%2BsIA588B3u9XnBkbDyV%2BvWPl9TSva%2FcKbqYpLIoHa8LdJTORSrE0ADGukMK2uwyesioIu8s1I4xmep2e5AgBVMf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 668b22a9caaf4e08-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0

GET
H3-29 200 / Show response
tag.vlitag.com/passback/ Frame D2F8 402 B
825 B 19ms
18ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/passback/?t=1625130809&d=8509&z=29441&divID=vi_850929441_568&w=320&h=100

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6263f35dcb57865abc7bb83ca17b3bf6b561f7866e26136b27c9d8e4267a8991

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 13438
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rKirV6qLxES4DyE51D8jvPmScEXVy8wufcC48OMgZuMlLkc04D61ZDtP3A7Gzr%2B8pQvLNwRj%2FHuCgD7JGbz1OxTzUNwPrhTHPX4e%2BYlQJm7QWPMZej1%2FAq0GK%2BjJOZvsOX29iVL1Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 668b22a9c8c20ebb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.vlitag.com/pi/ Frame D2F8 0
262 B 218ms
218ms Image
image/jpeg 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNYZKPPwBK-TKYw-PPPt-awTy-BKAwMPKUeBTeRzNhqllwqe0RrNMZAaRmNYaPPTRrtNRcsokty_orN
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IJkpt%2Bj%2BBeKiupkjj7SmdopcnpspsodB7y8C8R4crF7e4S%2Bep%2B%2FnYMC98FDmBt%2B1majjWQzzJq9GQf%2BPdKmIPof%2B%2FjVrlRa8TWcB37aV9tgN75KVrcOiFAPBbv%2B3SY3WEHLasNCeFxuF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 668b22a9dad34e08-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 9132 91 KB
36 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

671bc8e42f0899fcf7da09f46695ad7cffdab68856290382a1f8bb168404f21f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37005
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Jul 2021 21:58:25 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 13D2 91 KB
36 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

671bc8e42f0899fcf7da09f46695ad7cffdab68856290382a1f8bb168404f21f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37005
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Jul 2021 21:58:25 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 3B46 91 KB
36 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1625130809/b696d0f5c06dbd9fd83feb568718537b.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2a1fc2d342da99380caebf6a5f3f36c37ef9fbad7d98133eb911573f1445931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37007
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Jul 2021 21:58:25 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame 596D 299 B
490 B 210ms
210ms Script
application/javascript 52.34.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20033&divid=521563399&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e74896721735b05a9816587363aea8d3bb1784eaf3fdf680d184ace32db6e037

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: nginx
content-length: 299
content-type: application/javascript

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ Frame 44EE 7 KB
3 KB 13ms
12ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1625130809&d=8509&z=29441&divID=vi_850929441_768&w=320&h=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
server: cloudflare
age: 8816219
etag: W/"5fb1d3ed-1c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22a9e8c93250-FRA
expires: Thu, 17 Mar 2022 21:01:26 GMT

GET
H2 200 shrinke.me.992723.js Show response
jsc.adskeeper.com/s/h/ Frame 9FCC 267 KB
74 KB 182ms
67ms Script
text/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1625130809&d=8509&z=29440&divID=vi_850929440_201&w=970&h=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2a5555ac242e26bc279b536b1e41d5bc601a2570f92581f4ceaf990c5c12d11

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4072
cf-ray: 668b22aacef5cdab-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 74935
x-amz-id-2: Vfb+k25lUs2l7WAVwv2NdIpLJbvWhT35MtBqzlZeJwd2VJEJG7udD6VjhnRNjs3S4bDveyLhfYs=
last-modified: Thu, 24 Jun 2021 10:31:46 GMT
server: cloudflare
etag: "8676a64ce1d91ad42018b80a6c1f725b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 03M940B1WSBSH9QF
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 03 Jul 2021 01:58:25 GMT

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ Frame D2F8 7 KB
3 KB 14ms
13ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1625130809&d=8509&z=29441&divID=vi_850929441_568&w=320&h=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
server: cloudflare
age: 8816219
etag: W/"5fb1d3ed-1c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22a9f8e13250-FRA
expires: Thu, 17 Mar 2022 21:01:26 GMT

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame 9C1E 4 KB
5 KB 208ms
208ms Script
application/javascript 52.34.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/RdQypz
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: c183b97bb99d7df202a275214dc4d87fc96082c9093a8b63be2f6d8639500b25

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: nginx
x-adtrue-instance: java1
content-length: 4578
content-type: application/javascript

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame F21D 753 B
485 B 15ms
14ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Oct 2020 03:26:52 GMT
server: cloudflare
age: 8815887
etag: W/"5f98e4fc-2f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22aa19193250-FRA
expires: Thu, 17 Mar 2022 21:06:57 GMT

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame 7914 4 KB
5 KB 209ms
208ms Script
application/javascript 52.34.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/RdQypz
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: c183b97bb99d7df202a275214dc4d87fc96082c9093a8b63be2f6d8639500b25

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: nginx
x-adtrue-instance: java2
content-length: 4578
content-type: application/javascript

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 13D2 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 983
date: Fri, 02 Jul 2021 21:42:02 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 02 Jul 2021 23:42:02 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 9132 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 983
date: Fri, 02 Jul 2021 21:42:02 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 02 Jul 2021 23:42:02 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame F21D 2 KB
2 KB 207ms
206ms Script
application/javascript 52.34.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20034&divid=1838054391&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: ecbbfcd03dfa1f6826b68e63ba9287b8e6d79590eea05e115543a6694a98329b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
server: nginx
content-length: 1675
content-type: application/javascript

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 3B46 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 983
date: Fri, 02 Jul 2021 21:42:02 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 02 Jul 2021 23:42:02 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 13D2 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1304132448&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FRdQypz&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=907268961&gjid=1471727191&cid=264001612.1625263104&tid=UA-128776493-30&_gid=1569640311.1625263104&_r=1&gtm=2ou6u0&z=480678375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ Frame 9132 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1065447250&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FRdQypz&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=QACAAUAB~&jid=&gjid=&cid=264001612.1625263104&tid=UA-128776493-30&_gid=1569640311.1625263104&gtm=2ou6u0&z=1117563305

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:21:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34630
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 160ms
53ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 930
date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 160ms
53ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1000
date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-29 200 collect
www.google-analytics.com/ Frame 3B46 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1340059391&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FRdQypz&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=QACAAUAB~&jid=&gjid=&cid=264001612.1625263104&tid=UA-128776493-30&_gid=1569640311.1625263104&gtm=2ou6u0&z=259706498

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:21:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34630
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adtrue.shrinke.me.994618.js Show response
jsc.adskeeper.co.uk/a/d/ Frame 596D 268 KB
67 KB 182ms
80ms Script
text/javascript 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20033&divid=521563399&ref=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00e13a1b7e62e48b43c7aca8ab5643504d15c4d72e4d999942f9ef6594533c34

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
cf-cache-status: HIT
age: 4721
cf-polished: origSize=274526
last-modified: Thu, 24 Jun 2021 10:32:22 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: EKDQAWPDAPANXHK9
x-amz-id-2: UX2jX1wpieOD5hxtcyQyGjYbK6dv+e+K7tryKo/nJlxh+DX8dl/tl4c3x1lulmYc
cf-bgj: minify
server: cloudflare
etag: W/"f2c1e8c481bacdea5af5343eb81c1089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 668b22ac0ce7012a-AMS
expires: Sat, 03 Jul 2021 01:58:25 GMT

GET
H2 200 prebid.js Show response
cdn.adtrue.com/pb/ Frame 9C1E 257 KB
82 KB 17ms
16ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 05:31:13 GMT
server: cloudflare
age: 8816209
etag: W/"5f3f5c21-405dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22ab5b3a3250-FRA
expires: Thu, 17 Mar 2022 21:01:36 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 9C1E 250 KB
78 KB 53ms
52ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 10:00:55 GMT
server: Apache/2.2.15 (CentOS)
etag: "1241a12-3e6b0-5c21f162d696a"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=156461
accept-ranges: bytes
content-type: text/javascript
content-length: 78804
expires: Sun, 04 Jul 2021 17:26:06 GMT

GET
H3-29 200 ga.js Show response
cdn-adtrue.com/track/ Frame 9C1E 751 B
911 B 12ms
12ms Script
application/x-javascript 2606:4700:3038::6815:eb9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/RdQypz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8013914
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 01 Apr 2021 03:35:26 GMT
server: cloudflare
etag: W/"60653f7e-2ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U8erT76SC%2FcPJtSnYiOrZyRcI0wEadZVS%2FODPumf90K80RJIZhWYQQWkPfT%2F%2FgNSALv8XNwk24iO7yQTYD7mmfjm3oA3T58K3mLVpPhUmFZi0AzKLMO98nAcoYfgCA%2Bkrgbex4EqEvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22ab5a88e007-FRA
expires: Sun, 27 Mar 2022 03:53:11 GMT

GET
H2 200 prebid.js Show response
cdn.adtrue.com/pb/ Frame 7914 257 KB
82 KB 16ms
16ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 05:31:13 GMT
server: cloudflare
age: 8816209
etag: W/"5f3f5c21-405dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22ab6b693250-FRA
expires: Thu, 17 Mar 2022 21:01:36 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 7914 250 KB
78 KB 56ms
55ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 10:00:55 GMT
server: Apache/2.2.15 (CentOS)
etag: "1241a12-3e6b0-5c21f162d696a"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=156461
accept-ranges: bytes
content-type: text/javascript
content-length: 78804
expires: Sun, 04 Jul 2021 17:26:06 GMT

GET
H3-29 200 ga.js Show response
cdn-adtrue.com/track/ Frame 7914 751 B
906 B 22ms
22ms Script
application/x-javascript 2606:4700:3038::6815:eb9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cb=3523927990&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/RdQypz
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8013914
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 01 Apr 2021 03:35:26 GMT
server: cloudflare
etag: W/"60653f7e-2ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SKCNFE%2Bd0EFfB72C2ewagKQsLMw4woTwLdfLGJ31m88HaSjqzlqLVloB7cSoIIOYTUXIAmKI8dU4qCav5DEMqfrs1JNshEmuaLE4n%2FYwJkm0gZkGfc29HF3587qWABF3d3cucSiE4n0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22ab6aa7e007-FRA
expires: Sun, 27 Mar 2022 03:53:11 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9FCC 2 KB
546 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 20:51:13 GMT
server: ESF
date: Fri, 02 Jul 2021 21:58:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 21:58:25 GMT

GET
H2 200 / Show response
c.adskeeper.com/pv/ Frame 9FCC 0
284 B 117ms
115ms Script
text/plain 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.com/pv/?pv=5&cbuster=1625263105861964507639&uniqId=12bcb&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cxurl=https%3A%2F%2Fshrinke.me%2FRdQypz&lu=https%3A%2F%2Fshrinke.me%2FRdQypz&pageView=1&pvid=17a693ae74598f24624&site=629011&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 668b22abd8e3cdab-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 9FCC 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 9FCC 4 KB
2 KB 177ms
62ms Image
image/svg+xml 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 6621
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 7TTE6E1B08DP2RMH
x-amz-id-2: IBoVAR/fVZBzjCkotxruthDlxnDTUn966PlH8ZIfdbMLrNRphxb75e3A7KHCOZSAaF9r3+Pq+ww=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 668b22ac8fb7c82b-AMS
expires: Sat, 03 Jul 2021 01:58:26 GMT

GET
H2 200 n.js Show response
cdn.run-syndicate.com/sdk/v1/ Frame F21D 17 KB
17 KB 235ms
60ms Script
application/javascript 67.27.158.121
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.run-syndicate.com/sdk/v1/n.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20034&divid=1838054391&ref=undefined
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 6be018cf63d68429cc6f5c49caa24448469db98e412beba3bc99ac033ced43da

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
last-modified: Wed, 17 Feb 2021 15:07:12 GMT
server: nginx
age: 1341257
etag: "602d3120-44f3"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 17651

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 9FCC 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 13:09:35 GMT
x-content-type-options: nosniff
age: 204530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 13:09:35 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 9C1E 0
183 B 64ms
63ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=10008128974
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 9C1E 0
56 B 92ms
92ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9C1E 143 B
1 KB 150ms
150ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d57d364ff8baf9b00fda91b5734d31d2eb90fae6f0d3d5f9bdb8e5d3ca1319b7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:26 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0ce56c14-8346-499d-99d9-6042b098b265
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7914 143 B
1 KB 51ms
51ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

818d6ea84bb2e6d79bb3a86de7538c2cc78bcd34b37efca07bdd574d7ee75241

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:25 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b62e0204-939b-4c91-96d4-d3b19586037a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 7914 0
56 B 119ms
119ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 7914 0
183 B 61ms
61ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=13606351427
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:25 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 26ms
26ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://shrinke.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://shrinke.me
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1709
date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9C1E
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
https://mug.criteo.com/sid?cpp=bUhEZ3w3Q0U2dmQrZTAxVm5MWHZhbWd1NFZlR0owQjRpYVJHQVZjVERSNHVhNk9SOHlKSzhBUHNCMEFaeVk1cHBUblROd2V0MU84V1IrcW4vYXl4RTc2SVBQd2ZTbHF1Z3FyLysrMjhMdHBGelc5NXpBNUltd3hub1JoYV...

348 B
608 B

55ms
55ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bUhEZ3w3Q0U2dmQrZTAxVm5MWHZhbWd1NFZlR0owQjRpYVJHQVZjVERSNHVhNk9SOHlKSzhBUHNCMEFaeVk1cHBUblROd2V0MU84V1IrcW4vYXl4RTc2SVBQd2ZTbHF1Z3FyLysrMjhMdHBGelc5NXpBNUltd3hub1JoYVg4d05Sbmh6QWtvWlpSWnI1dGZPM01ZVFc3VWQ1dDFiaWp1dkE5MUJxdnAwdW9NRDJzWHN6eEVvVThqVGFmL3lPUlEzTWliVTd3NzlQd3IwVTlXeWhXY1lSTE96N05VUVVic3lmRHk1TGxnOG03TDJUOGk4PXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

99549f4f35db810e540b6ca8e527b268222ed46c89af49182fa057620242c9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 02 Jul 2021 21:58:25 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2558
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 02 Jul 2021 21:58:25 GMT
location: https://mug.criteo.com/sid?cpp=bUhEZ3w3Q0U2dmQrZTAxVm5MWHZhbWd1NFZlR0owQjRpYVJHQVZjVERSNHVhNk9SOHlKSzhBUHNCMEFaeVk1cHBUblROd2V0MU84V1IrcW4vYXl4RTc2SVBQd2ZTbHF1Z3FyLysrMjhMdHBGelc5NXpBNUltd3hub1JoYVg4d05Sbmh6QWtvWlpSWnI1dGZPM01ZVFc3VWQ1dDFiaWp1dkE5MUJxdnAwdW9NRDJzWHN6eEVvVThqVGFmL3lPUlEzTWliVTd3NzlQd3IwVTlXeWhXY1lSTE96N05VUVVic3lmRHk1TGxnOG03TDJUOGk4PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1705
content-length: 482
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 24ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://shrinke.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://shrinke.me
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1317
date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7914
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
https://mug.criteo.com/sid?cpp=4YbX2Hx6VEdHOGF5YzV5TE5YYjF3OGpyVjNDWHFleEJIREd6T3pNdGVlQS9mZWthTkFEa3F0R0RrM1Bmd1ZuUXZKY25ZdllvZ1RKbnFxU1M1NW1DVStqRFEvTDRiYk5UbDIwV3BxZ2R3dXByY3FWSUJZR1ZIeHRXTHJmS0...

355 B
613 B

56ms
56ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=4YbX2Hx6VEdHOGF5YzV5TE5YYjF3OGpyVjNDWHFleEJIREd6T3pNdGVlQS9mZWthTkFEa3F0R0RrM1Bmd1ZuUXZKY25ZdllvZ1RKbnFxU1M1NW1DVStqRFEvTDRiYk5UbDIwV3BxZ2R3dXByY3FWSUJZR1ZIeHRXTHJmS05ZMTkxUlJrUEV6TjVITWlOUzloMjg1dGRsWG1mb0ptbHFYcmo4Y3dzaW0zcUxETHgyTWZtNERhN2xEQXNEZER0RHJuSlRQdkdhOXI3WTlsb2FvQmZBSWxFVEh0bWQwMlRIRmdFY2s4Wks2SnZKNXFxNm1JPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a1e95f3b4721fd4de5ccf53fd4697299e27f9c317a1125aa411b7022b4e221af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 02 Jul 2021 21:58:25 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2098
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 02 Jul 2021 21:58:25 GMT
location: https://mug.criteo.com/sid?cpp=4YbX2Hx6VEdHOGF5YzV5TE5YYjF3OGpyVjNDWHFleEJIREd6T3pNdGVlQS9mZWthTkFEa3F0R0RrM1Bmd1ZuUXZKY25ZdllvZ1RKbnFxU1M1NW1DVStqRFEvTDRiYk5UbDIwV3BxZ2R3dXByY3FWSUJZR1ZIeHRXTHJmS05ZMTkxUlJrUEV6TjVITWlOUzloMjg1dGRsWG1mb0ptbHFYcmo4Y3dzaW0zcUxETHgyTWZtNERhN2xEQXNEZER0RHJuSlRQdkdhOXI3WTlsb2FvQmZBSWxFVEh0bWQwMlRIRmdFY2s4Wks2SnZKNXFxNm1JPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://shrinke.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1698
content-length: 482
expires: 0

GET
H2 200 1 Show response
servicer.adskeeper.com/992723/ Frame 9FCC 1005 B
893 B 136ms
126ms Script
application/x-javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/992723/1?pv=5&cbuster=1625263105930355916116&uniqId=12bcb&niet=4g&nisd=false&w=970&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cxurl=https%3A%2F%2Fshrinke.me%2FRdQypz&lu=https%3A%2F%2Fshrinke.me%2FRdQypz&pageView=1&pvid=17a693ae74598f24624&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd568821e3af989695f8cfef4556800a9ce7e973ead21a9d90dce6c93985ad59

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 668b22ac598dcdab-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 53ms
53ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1109
date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 59ms
59ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 931
date: Fri, 02 Jul 2021 21:58:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame E007 753 B
515 B 14ms
14ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Oct 2020 03:26:52 GMT
server: cloudflare
age: 8815888
etag: W/"5f98e4fc-2f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22acadf83250-FRA
expires: Thu, 17 Mar 2022 21:06:57 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame E007 431 B
622 B 206ms
206ms Script
application/javascript 52.34.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20036&divid=351408852&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a39d60f737b78b6739ec48800c96f53f8d61cbc93afeb2d5dfb79376285197c3

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
server: nginx
content-length: 431
content-type: application/javascript

GET
H3-29 200 css
fonts.googleapis.com/ Frame 596D 2 KB
546 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: shrinke.me
URL: https://shrinke.me/RdQypz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 20:43:31 GMT
server: ESF
date: Fri, 02 Jul 2021 21:58:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 21:58:26 GMT

GET
H2 200 / Show response
c.adskeeper.co.uk/pv/ Frame 596D 0
286 B 114ms
106ms Script
text/plain 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.co.uk/pv/?pv=5&cbuster=1625263106071303455070&uniqId=17919&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cxurl=https%3A%2F%2Fshrinke.me%2FRdQypz&lu=https%3A%2F%2Fshrinke.me%2FRdQypz&pageView=1&pvid=17a693ae74598f24624&site=630298&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 668b22ad2894c82b-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 596D 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 596D 4 KB
2 KB 118ms
61ms Image
image/svg+xml 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 6621
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 7TTE6E1B08DP2RMH
x-amz-id-2: IBoVAR/fVZBzjCkotxruthDlxnDTUn966PlH8ZIfdbMLrNRphxb75e3A7KHCOZSAaF9r3+Pq+ww=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 668b22ad7a0c1ee7-AMS
expires: Sat, 03 Jul 2021 01:58:26 GMT

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame E74D 753 B
485 B 14ms
14ms Script
application/x-javascript 2606:4700:10::6816:3181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Oct 2020 03:26:52 GMT
server: cloudflare
age: 8815888
etag: W/"5f98e4fc-2f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 668b22ad0ea83250-FRA
expires: Thu, 17 Mar 2022 21:06:57 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 596D 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shrinke.me
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 13:09:35 GMT
x-content-type-options: nosniff
age: 204531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 13:09:35 GMT

GET
H3-29 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 9FCC 4 KB
1 KB 93ms
61ms Image
image/svg+xml 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 6621
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 7TTE6E1B08DP2RMH
x-amz-id-2: IBoVAR/fVZBzjCkotxruthDlxnDTUn966PlH8ZIfdbMLrNRphxb75e3A7KHCOZSAaF9r3+Pq+ww=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 668b22ad7a0f1ee7-AMS
expires: Sat, 03 Jul 2021 01:58:26 GMT

GET
H2 200 i.js Show response
cm.adskeeper.com/ Frame 9FCC 19 B
150 B 118ms
117ms Script
application/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1625263106112487207926
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: f83f76ad-dedc-436c-b4be-a2101fd785f1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 668b22ad6b0fcdab-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame E182 19 B
126 B 167ms
167ms Script
application/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1625263106116718096682
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: ebfa3186-905c-426c-9287-1200a497eab2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 668b22ad6b16cdab-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.adskeeper.com/g/8193537/492x277/0x168x510x340/ Frame 9FCC 41 KB
42 KB 64ms
63ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8193537/492x277/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1625263106-SNQ8QnwceIlYTXYc-a8udMZ_luMxhOG01EiJ45WYXO8
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f144441391ff81772d6f60ba9138e81f0a78f76739f2d123aa6d09cca8920f66

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:33:43 GMT
x-mg-request-uuid: 8b8e3356-07c4-4686-8bab-9be28daa9887
age: 4273571
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 668b22ad6b17cdab-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 42384
server: cloudflare

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame E74D 431 B
622 B 206ms
206ms Script
application/javascript 52.34.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20036&divid=857099055&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a39d60f737b78b6739ec48800c96f53f8d61cbc93afeb2d5dfb79376285197c3

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
server: nginx
content-length: 431
content-type: application/javascript

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/994618/ Frame 596D 1 KB
867 B 121ms
119ms Script
application/x-javascript 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/994618/1?pv=5&cbuster=1625263106128423608486&uniqId=17919&niet=4g&nisd=false&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FRdQypz&cxurl=https%3A%2F%2Fshrinke.me%2FRdQypz&lu=https%3A%2F%2Fshrinke.me%2FRdQypz&pageView=1&pvid=17a693ae74598f24624&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e52367a0abd84edb619d04c7bc995592a48e34e3854f92ede97691dda12e3ead

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 668b22ad78efc82b-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 n.css
cdn.run-syndicate.com/sdk/v1/ Frame F21D 8 KB
8 KB 52ms
52ms Stylesheet
text/css 67.27.158.121
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.run-syndicate.com/sdk/v1/n.css
Requested by: Host: cdn.run-syndicate.com
URL: https://cdn.run-syndicate.com/sdk/v1/n.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.158.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
last-modified: Wed, 17 Feb 2021 15:07:12 GMT
server: nginx
age: 1331022
etag: "602d3120-2055"
content-type: text/css
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 8277

GET
H2 403 invoke.js
praiserevision.com/b08bc109300d9c6de2b250d77095f421/ Frame E007 0
0 138ms
138ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://praiserevision.com/b08bc109300d9c6de2b250d77095f421/invoke.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Jul 2021 21:58:26 GMT
server: nginx/1.17.6
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 i.js Show response
cm.adskeeper.co.uk/ Frame 596D 113 B
177 B 250ms
249ms Script
application/javascript 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i.js?&cbuster=1625263106254336083724
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba343de22a7aa739139692bcf38535c18dcb40e52ab718d2162f7d571144b59

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: br
cf-cache-status: MISS
x-mg-request-uuid: 09fd5059-3952-4f57-a5f7-599ecf8e1527
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 668b22ae49cac82b-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.co.uk/ Frame 55E8 19 B
141 B 241ms
241ms Script
application/javascript 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1625263106257320649673
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: br
cf-cache-status: MISS
x-mg-request-uuid: 0554c032-fbba-491e-99a7-83cfc19eb1c2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 668b22ae49cdc82b-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.adskeeper.co.uk/g/8164884/492x277/0x0x1001x667/ Frame 596D 17 KB
17 KB 57ms
56ms Image
image/webp 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1625263106-Itwvzgec0Btk6kvJ3ZiLqW9blnaRSKfCCp4PqeYQmao
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521650f230fb40fdbfa06b56e8c084f9347fbf2a2e9fccd8216080f56cfb638b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:22 GMT
x-mg-request-uuid: 29317d09-fb63-4e1c-b26f-b2c4f0e08102
age: 6107500
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 668b22ae4844012a-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17234
server: cloudflare

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame B201 83 KB
27 KB 86ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jul 2021 21:58:26 GMT

GET
H2 403 invoke.js
praiserevision.com/b08bc109300d9c6de2b250d77095f421/ Frame E74D 0
0 138ms
138ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://praiserevision.com/b08bc109300d9c6de2b250d77095f421/invoke.js
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Jul 2021 21:58:26 GMT
server: nginx/1.17.6
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A5A2 291 B
724 B 25ms
24ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=shrinke.me&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1981
set-cookie: uid=481fc9cf-2567-4eb4-93b0-6cd68bf4d493; expires=Sat, 02 Jul 2022 21:58:25 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Fri, 02 Jul 2021 21:58:26 GMT
content-length: 321

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame B201 83 KB
27 KB 93ms
46ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jul 2021 21:58:26 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 14BA 83 KB
27 KB 27ms
27ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jul 2021 21:58:26 GMT

GET
H2 200 /
cm.steepto.com/setmuidn/ Frame 596D 0
173 B 288ms
178ms Image
image/gif 104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.steepto.com/setmuidn/?muidf=l62qipzgvwWe
Requested by: Host: shrinke.me
URL: https://shrinke.me/RdQypz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 668b22b0786ffa68-AMS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 14BA 83 KB
27 KB 26ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jul 2021 21:58:26 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9C1E 83 KB
27 KB 27ms
27ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jul 2021 21:58:26 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 7914 83 KB
27 KB 25ms
24ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jul 2021 21:58:26 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9C1E 83 KB
27 KB 29ms
29ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jul 2021 21:58:26 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 7914 83 KB
27 KB 25ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jul 2021 21:58:26 GMT

GET
H2 200 publishertag.prebid.105.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 26ms
26ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:26 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jul 2021 21:58:26 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 25ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:27 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jul 2021 21:58:27 GMT

GET
H3-29 200 c
c.adskeeper.com/ Frame 9FCC 43 B
470 B 202ms
143ms Image
image/gif 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=294|235|12|RiMZpGgqWaqrLuyHZq0Lnv1jrocPal-JKOnpbhzqlbU86rM-tSLb8gY-fZPjrgnA&fw=1&extjs=66044&cid=992723&h2=s6DTIq8_dmTag7EPnAov6fYQbKAFjAuN36GEKP-SyJc*&rid=a081723b-db80-11eb-a784-d094662f8ab5&tt=Direct&iv=11&pageImp=1&pvid=17a693ae74598f24624&cbuster=1625263107298337867572&tpl=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:27 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 905b965b-52c6-4d67-8cbf-99bc16a8c228
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 668b22b52aed084b-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

POST
H/1.1 200 806.json Show response
id5-sync.com/g/v2/ Frame B201 213 B
528 B 199ms
50ms XHR
application/json 51.89.20.86
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/806.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

fdd906098a7eb76f672c3059ff71847d2703fddfef5b8be372e7aa3e922ea40c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://shrinke.me
Date: Fri, 02 Jul 2021 21:58:27 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame B201 77 B
825 B 206ms
74ms XHR
application/json 54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5899869add348d864fa5b85c926a7c9c0bbb6e6b5921fb2a9c471c6d609a9f29

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://shrinke.me
cache-control: no-cache
x-server: 10.45.8.165
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 77
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame B201 109 B
539 B 184ms
61ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 43dacc8968c1414f9d83e87fa12e268b89a1122fa9f1b0f5bbcd8742e06f70c7

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Jul 2021 21:58:27 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shrinke.me
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 01 Aug 2021 21:58:27 GMT

POST
H/1.1 200 806.json Show response
id5-sync.com/g/v2/ Frame 14BA 213 B
528 B 178ms
45ms XHR
application/json 51.89.20.86
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/806.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a5d605d6da91ae914a04b42995301f1eaf3fd8e608668eef4c5159304a848972

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://shrinke.me
Date: Fri, 02 Jul 2021 21:58:27 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 14BA 77 B
824 B 215ms
104ms XHR
application/json 54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8faa4f2a6272dc6351dc5eccedf18ef372b6253f9225a3da7b392a3702eba7b8

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://shrinke.me
cache-control: no-cache
x-server: 10.45.31.89
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 77
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 14BA 109 B
538 B 164ms
61ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 953146f69d72a0c4008658b203791ea3dc14c99feeea46e85526f254563b7bd3

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Jul 2021 21:58:27 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shrinke.me
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 01 Aug 2021 21:58:27 GMT

POST
H/1.1 200 806.json Show response
id5-sync.com/g/v2/ Frame 9C1E 213 B
528 B 49ms
48ms XHR
application/json 51.89.20.86
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/806.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

7a138f8398518226b10adf5c44c56088a5f3a93c053d0edccd62676c0da67650

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://shrinke.me
Date: Fri, 02 Jul 2021 21:58:27 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 9C1E 77 B
824 B 72ms
72ms XHR
application/json 54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8e0ed2a470a733d153902892773cab8ba40e954d8e74998adc45a16a6c991a10

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://shrinke.me
cache-control: no-cache
x-server: 10.45.2.45
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 77
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 9C1E 109 B
539 B 61ms
61ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 75d0828b62e0c952b16f377ca03218012335b7c2636259e69b51331ca48bfb62

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Jul 2021 21:58:27 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shrinke.me
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 01 Aug 2021 21:58:27 GMT

POST
H/1.1 200 806.json Show response
id5-sync.com/g/v2/ Frame 7914 213 B
528 B 47ms
47ms XHR
application/json 51.89.20.86
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/806.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9d455fc17a8fa60d79aa2cc041659520a821a140a0c09c0c04a223883303a09e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://shrinke.me
Date: Fri, 02 Jul 2021 21:58:27 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 7914 77 B
824 B 73ms
73ms XHR
application/json 54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 89777b72e69d12483d5a6400cbb2fc16db705325ff22ef0ddf7d87cf774742f1

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://shrinke.me
cache-control: no-cache
x-server: 10.45.8.165
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 77
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 7914 109 B
539 B 61ms
61ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: bc94f3726c902323405413ec20b3692fb83ac667e75aa5a6ffb9c6f4cb7f6c86

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Jul 2021 21:58:27 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shrinke.me
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 01 Aug 2021 21:58:27 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
258 B 249ms
249ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:28 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 128
vary: origin

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
387 B 252ms
251ms XHR
text/plain 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Jul 2021 21:58:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://shrinke.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MtjTbtML%2BOPT4fo6TKgN6eNJ8Lc%2FPETEytd6Es5d1wdZS3iWZYeO7YQIs%2Fhc8GbXYkpsQPKKvcZopQNaSVPhfvoFmGu1tyUhDEKFema4UlnklVeSTQTqu%2BC%2BMKSTzz8ejWLjXoluehSvbDHqLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 668b22b9080c4dfa-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 261 B
940 B 94ms
94ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b38590b4acd97cd6c0372f0231bfd31f1bad3718dd44c792a5aff8654b9a943

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:28 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid: 8bd90fe2-d0a5-437e-9180-f292c36f7755
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shrinke.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 261
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
183 B 64ms
63ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=105&profileId=185&av=34&wv=5.0.0&cb=60345983133
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:27 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7260487120502028&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&fr=ht...
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=FF&crs=U...

595 B
1007 B

55ms
55ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 1fb9ee9d1e324253fe12413581cff11e6c0ed6d1edbc618c06129a24ea62a2bc

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:28 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://shrinke.me
expires: Fri, 02 Jul 2021 21:58:28 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 595
x-sid: AMS-607

Redirect headers

date: Fri, 02 Jul 2021 21:58:28 GMT
server: openresty
access-control-allow-origin: https://shrinke.me
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7260487120502028&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FRdQypz&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FRdQypz&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-607

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
172 B 184ms
58ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:28 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 events
bidder.criteo.com/csm/ 0
183 B 61ms
61ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://shrinke.me
date: Fri, 02 Jul 2021 21:58:27 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
3 KB 13ms
12ms Image
image/svg+xml 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1608981
cf-ray: 668b22baade34e08-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jIuQg3kmwpsYcqoohvlUUnzUupvaFHa3HFrDeRiBI%2BebgX5kDXW%2BngZFvnisiRu1XptCuxBnDF0snyLHCR5gIQAq2sv1fQsg%2FW%2BKq8vfzpEOmSRAtlwzfRgbeGo2igeKc5QqTaGrqn78lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D56F 52 KB
17 KB 140ms
46ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shrinke.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 23 Jun 2021 04:33:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 02 Jul 2021 21:58:28 GMT
Age: 62170
X-Served-By: cache-lga21982-LGA, cache-fra19125-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 413170
X-Timer: S1625263109.669763,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame AE2C 38 KB
14 KB 54ms
54ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=46628
expires: Sat, 03 Jul 2021 10:55:36 GMT
date: Fri, 02 Jul 2021 21:58:28 GMT
vary: Accept-Encoding

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame D3CD 636 B
578 B 150ms
50ms Document
text/html 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method: GET
:authority: s.e-planning.net
:scheme: https
:path: /esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=AIpTgcPPMEW-3IuT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

server: openresty
date: Fri, 02 Jul 2021 21:58:27 GMT
content-type: text/html
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
etag: W/"601b131c-27c"
expires: Wed, 01 Jul 2026 21:58:27 GMT
cache-control: max-age=157680000
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 64FB 636 B
577 B 150ms
51ms Document
text/html 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method: GET
:authority: s.e-planning.net
:scheme: https
:path: /esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=AIpTgcPPMEW-3IuT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

server: openresty
date: Fri, 02 Jul 2021 21:58:27 GMT
content-type: text/html
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
etag: W/"601b131c-27c"
expires: Wed, 01 Jul 2026 21:58:27 GMT
cache-control: max-age=157680000
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 74FB 636 B
577 B 148ms
50ms Document
text/html 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method: GET
:authority: s.e-planning.net
:scheme: https
:path: /esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=AIpTgcPPMEW-3IuT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

server: openresty
date: Fri, 02 Jul 2021 21:58:27 GMT
content-type: text/html
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
etag: W/"601b131c-27c"
expires: Wed, 01 Jul 2026 21:58:27 GMT
cache-control: max-age=157680000
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 55BA 636 B
577 B 148ms
51ms Document
text/html 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method: GET
:authority: s.e-planning.net
:scheme: https
:path: /esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=AIpTgcPPMEW-3IuT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

server: openresty
date: Fri, 02 Jul 2021 21:58:27 GMT
content-type: text/html
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
etag: W/"601b131c-27c"
expires: Wed, 01 Jul 2026 21:58:27 GMT
cache-control: max-age=157680000
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 11BC 3 KB
1 KB 434ms
432ms Document
text/html 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5504a7d121704d230765caa659795f0fb0ec245a25ed916bcf9b5135112362bb

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=9f309174-c7be-430f-a35a-040fbf7550a4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

date: Fri, 02 Jul 2021 21:58:28 GMT
content-type: text/html
set-cookie: uid=9f309174-c7be-430f-a35a-040fbf7550a4; expires=Thu, 22 Jul 2021 21:58:28 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dcDeYpmjGGXnBBaD8%2FVvuSbRjYF34C95VDIKdt7GyaAo1XbSvlQ0%2BUzPQF6a%2BabGVwAOvPsepnYvZIMGBLKJpQZsu19dZUzopCdy3iYXSon2wDIDT6Jh2qAjVQWmJYaG%2BSOe1cI1Yah3bfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 668b22bc8f3b4dfa-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame F8FF 3 KB
1 KB 214ms
213ms Document
text/html 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc97dd7559e987e3466fcd79d637f8e581cf3139faa9584020bb91b434bca3f7

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=9f309174-c7be-430f-a35a-040fbf7550a4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

date: Fri, 02 Jul 2021 21:58:28 GMT
content-type: text/html
set-cookie: uid=9f309174-c7be-430f-a35a-040fbf7550a4; expires=Thu, 22 Jul 2021 21:58:28 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kZrvTDqHfuIFB2q4iS9VvptFPALp184CxQ7oVXj9UwDtNg5K3v4ZcJk6ARvWe5xfQhJjNt5IRZ4NwODpwHLD6Innur%2FQHqyHrQdPzDdZWnXUQENpvf9miWgCUefbVTSBQ1fDE%2BY%2FkGtZRe0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 668b22bc8f364dfa-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 5BBE 3 KB
960 B 217ms
217ms Document
text/html 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc97dd7559e987e3466fcd79d637f8e581cf3139faa9584020bb91b434bca3f7

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=9f309174-c7be-430f-a35a-040fbf7550a4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

date: Fri, 02 Jul 2021 21:58:28 GMT
content-type: text/html
set-cookie: uid=9f309174-c7be-430f-a35a-040fbf7550a4; expires=Thu, 22 Jul 2021 21:58:28 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IeYBtBp45kn4f1%2Fm750X6yoGP1luRW6GfrHNx7OVCo7kkcRLSp5r9aXckiIfpffs6zSfR6x0OWkcRoPry15fazGDKWc5qogHXpgNN6OAA7SZG%2BoZEkmgq1SuecLZ3avaxEdcTesON7xyxhU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 668b22bc8f3f4dfa-FRA
content-encoding: br

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 5EC7 3 KB
951 B 214ms
214ms Document
text/html 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57544bb3e215a89bf1c9a3615315c0bcab1047d593632aa79b853f12e6ef3f3a

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=9f309174-c7be-430f-a35a-040fbf7550a4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

date: Fri, 02 Jul 2021 21:58:28 GMT
content-type: text/html
set-cookie: uid=9f309174-c7be-430f-a35a-040fbf7550a4; expires=Thu, 22 Jul 2021 21:58:28 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KnsXLoc0spgAsuBXZcoazP2Kef6SfbmXcXi8%2B96d9GUt3miNJ1abKBRplQ5ZkABrK6QEOE6Q0WUFKSBRYcmMk7l1XPXhl4R9YYlbB27YIUTHdJXQ92kg5eBKnfRpH8jLxkL%2Fi7Nj80lJH4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 668b22bc9f534dfa-FRA
content-encoding: br

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D5ca5ceb377b58a05%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D5ca5ceb377b58a05%26uid%3D%24UID&sovrn_retry=true
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=5ca5ceb377b58a05&uid=39563667ad0d6efa05a55af4

42 B
104 B

7307ms
76ms

Image
image/gif

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=5ca5ceb377b58a05&uid=39563667ad0d6efa05a55af4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:36 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Fri, 02 Jul 2021 21:58:28 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=5ca5ceb377b58a05&uid=39563667ad0d6efa05a55af4
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D36c730bea59769b8%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D36c730bea59769b8%26uid%3D%24UID&sovrn_retry=true
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=36c730bea59769b8&uid=39563667ad0d6efa05a55af4

42 B
103 B

7303ms
76ms

Image
image/gif

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=36c730bea59769b8&uid=39563667ad0d6efa05a55af4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://shrinke.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:36 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Fri, 02 Jul 2021 21:58:28 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=36c730bea59769b8&uid=39563667ad0d6efa05a55af4
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0D7D 38 KB
14 KB 52ms
51ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shrinke.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=46628
expires: Sat, 03 Jul 2021 10:55:36 GMT
date: Fri, 02 Jul 2021 21:58:28 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 00D9 52 KB
17 KB 136ms
42ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shrinke.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://shrinke.me/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 23 Jun 2021 04:33:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 02 Jul 2021 21:58:28 GMT
Age: 62171
X-Served-By: cache-lga21982-LGA, cache-fra19155-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 430184
X-Timer: S1625263109.726708,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AE2C 5 KB
6 KB 183ms
60ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29873766&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fed5fc749581a49446557bcf5c253e172446e5b7854a0284f57866c24138b869

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:27 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 GS.d Show response
js.cookieless-data.com/ Frame D3CD 0
367 B 182ms
63ms Script
text/plain 212.83.160.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fshrinke.me%2F&s=&rand=1625263108721

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.83.160.162 , France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:28 GMT
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2 200 GS.d Show response
js.cookieless-data.com/ Frame 74FB 0
367 B 163ms
57ms Script
text/plain 212.83.160.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.83.160.162 , France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:28 GMT
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2 200 GS.d Show response
js.cookieless-data.com/ Frame 64FB 0
367 B 157ms
53ms Script
text/plain 212.83.160.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.83.160.162 , France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:28 GMT
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2 200 GS.d Show response
js.cookieless-data.com/ Frame 55BA 0
367 B 155ms
54ms Script
text/plain 212.83.160.162
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.83.160.162 , France, ASN12876 (Online SAS, FR),

Reverse DNS

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:28 GMT
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame F8FF
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d

43 B
323 B

220ms
220ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=g9g8S7OcAuGp6i%2BJr4n2fbHQm3ka3M2yT%2BTed3CDu1MoNBgoEIuFtlwvbQ0b89zBGtD8nF8AparltutdhbppHYsxJxfF8F%2FHuJUe%2F5%2BY%2B%2F0YUACYT9TABct7TM%2FzwuGZXc2Yj0PN%2BePYspc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c04f564dfa-FRA
content-length: 43

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d
Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame F8FF
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4606aa8-b4e4-44c1-bd32-30abaa33a390

43 B
315 B

218ms
218ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4606aa8-b4e4-44c1-bd32-30abaa33a390
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EXRuUrhqdVYcOPHgGIakLTJ5tWlHHjSr5UdvY4dwc1RMIGFOYRGm1OvLozWP47ToAuvop0E29qzLSYM0z0veLFJ1fKYZd1TJIMdexG3TYJpP4ldJSX29gHq%2FIpsnROVmiHLgUkCuVtORQdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22becbe44dfa-FRA
content-length: 43

Redirect headers

date: Fri, 02 Jul 2021 21:58:28 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NSVrLcXTgjv0rJ4vKwleCDqNPCrewN42zKH%2BqPlGH4UthIy9L7vNumz%2BEilJIgCoKsCHuA9RwX1h978h%2BLWp6EJ5pRmET45cDbfbSmc365PEHGtUCoHq%2F2u027o8x6KCqMsPFowohx6j"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4606aa8-b4e4-44c1-bd32-30abaa33a390
cf-ray: 668b22bdfa2a4dfa-FRA
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F8FF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1095359227152373409

43 B
322 B

223ms
222ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1095359227152373409
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FfLWwYnNWB4HuIVtPuSIrS%2BoNvnDzXKKmfW2sOpExYZ19jkLzygv613TolhqX%2Fh3KV4Xek5jYOJcy%2FFiDkQDvJTY0xJYGX4ChATBVOQNSrN6SADMco3BRZnCXKTj%2Fno4pYX7OES96XGrLCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf3cd34dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:28 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 89d43fe4-4a0b-4482-ade9-0e683b7f1aca
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1095359227152373409
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame F8FF 0
478 B 236ms
56ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:28 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame F8FF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1095359227152373409

43 B
321 B

230ms
230ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1095359227152373409
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dT244DWnkkqxCM3RuVwhLA8f14yL9FmQcwm3fCwPXwukzmPIHx%2BFffvFnKBaE87kbOkQXKhK3zxXw4WMWZt3wJ%2FrvO6DxMT9qadtFJf94Ja%2FYPO%2FZE0yv45ty2AFZOBV6fbwQR4QIcO21ks%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf3cde4dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:28 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d09647ee-f644-49f3-8960-65c3510c0eda
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1095359227152373409
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame F8FF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HVPJkH1E2uEoxoMdF5yLTQE2lWzn3SxdHmYu7co-~A

43 B
322 B

229ms
229ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HVPJkH1E2uEoxoMdF5yLTQE2lWzn3SxdHmYu7co-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ae5tZseLXVTXVdT0MFDT3DAmKlYN5BnliP%2BNXY%2FVlrLUBJYFIgMjSQfESUu3KyYKbScgLnJvSzBD2Aht9N6lLyxQUw%2BF8v%2FThr5FHbj5%2Ffk7Dwl4uQsa8lRy9CUsXNIJlB57LbhqlLIje7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf8dd04dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HVPJkH1E2uEoxoMdF5yLTQE2lWzn3SxdHmYu7co-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F8FF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2979978277709350370

43 B
323 B

219ms
218ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2979978277709350370
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k84ZqQNja%2FCBLYURoSjh8eqNzcaLPlPnEri0V6JySOaNiThFwAGjCiCEvBEewPc%2FYgkCX91%2F0VwpQnrUxTrV9wy6nUKb7%2FderKIeQZEBP7vjXaHCfkCfq%2BRwpUa%2B0ZdkKPg9KLVeo3ImpfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf2cb74dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:28 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 474ae6b2-f557-443d-9c85-7a2fc127a3fc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2979978277709350370
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame F8FF
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-66190411-689f-454c-a081-979ae39789d8

43 B
320 B

406ms
406ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-66190411-689f-454c-a081-979ae39789d8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NYV1TyCU7L41ReUKYDCnX%2FQwb51SnICotX%2BJec9Mn3SEZfWcqZhdjbcpi2tKOzZv6vsuT0qrwqdVLXv1xoLNbIOsKV6C1R%2BjnwRIWhXqMsHHrtGlNdeG7zhq8BoF7gX8%2FjvZTDQMfnYUSjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c07fcd4dfa-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-66190411-689f-454c-a081-979ae39789d8
date: Fri, 02 Jul 2021 21:58:29 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F8FF
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4

43 B
331 B

212ms
211ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FzpkKHI0x2K39xEk%2F7bQkS8mKvYbUBjKsTgTt1s%2Fv1NRkn8UgL6NFBMintDszIxtJSXAOOrCPD3d5alldg3JMrgKKEi3538DUE7QcCcvhnHIDf%2FeY3tz2ZZU5Ds%2BoG3N7%2FmnjngjZZpiiCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22be6b0a4dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:28 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F8FF
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa23cea97-db80-11eb-8b9e-02b322529300
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300

43 B
319 B

229ms
229ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fHT7KUuZiIA5Qm2TkcwhGypLacYFUhhbwSx8wPW7h64oR6%2FzmvN8guVlApCofhmjESW%2FhqVGj%2FesAi%2FOpGgVvbSF5tH4jKsEEFdCzXK3FHG4lTzQwOydUAtX0vQqHtpE6f5HbsdYLJJZ0Zs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bfde744dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 6144 43 B
555 B 439ms
283ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YN+MC; path=/; domain=.go.sonobi.com

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame FD16 2 KB
823 B 144ms
47ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 37D1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

176ms
67ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 59452f1018daf2f06355e16f4f3c9ea355d83f3300d52f426978a13bbeb05fc3

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YN.MBEmmPcA1OB4sWnlo2QAA; CMPS=1124
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|230|45|88|90|73|196
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1856
Expires: Fri, 02 Jul 2021 21:58:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
Connection: keep-alive
Set-Cookie: CMID=YN.MBEmmPcA1OB4sWnlo2QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:29 GMT CMPS=1124;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:29 GMT CMPRO=1187;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:29 GMT CMRUM3=f160df8c0505a0&4960df8c0505a0&2d60df8c0505a0&2760df8c050b40&e660df8c052760&5860df8c0505a0&c460df8c0505a0&5a60df8c0505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:29 GMT CMST=YN+MBWDfjAUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 21:58:29 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 02 Jul 2021 21:58:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YN.MBEmmPcA1OB4sWnlo2QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:28 GMT CMPS=1124;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:28 GMT

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame F927 3 KB
3 KB 1468ms
142ms Document
text/html 208.100.17.173
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: a250c006d6b747d0c6f489b530218db1547979de974f3c9b5ac51aef8c3ae735

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2705
date: Fri, 02 Jul 2021 21:58:29 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 33E4 14 KB
5 KB 53ms
52ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=47620
expires: Sat, 03 Jul 2021 11:12:08 GMT
date: Fri, 02 Jul 2021 21:58:28 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 5EC7 0
474 B 277ms
56ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5EC7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2979978277709350370

43 B
457 B

219ms
219ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2979978277709350370
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s%2BDHppdWYCWypmfHlcMLVAy4BW9CDA4pVWRme8bZZlDx0bNUooV6zCSmrWXzb4NUM3ezFjChYDr5S5lsbeXB2tySuK%2F0zUAz73vxcSX%2FYKkStuHD6%2FG%2F6ahQA0a9q0UgtKxMdGvmyv9P1mA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf3cca4dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:28 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f6ea5228-0117-4f16-9296-fc1479de73e4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2979978277709350370
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5EC7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-PdQf07hE2uEBHVSMk61P72_Y68cGtgoIC_quV0o-~A

43 B
317 B

229ms
229ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-PdQf07hE2uEBHVSMk61P72_Y68cGtgoIC_quV0o-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a60ZrF1VV9G295dehriCsHdqi035vcKG9yAslGpedb63sLU%2BEzvE5nIbzpAYJN8X2JlamThIjgc4oCOO3u4WIcsCPZ%2B0joiBV7Ehk%2BGJO7Z%2BJlH4xZLleAmbTKSpsugOdrbGTSmf63KpRiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf7db04dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-PdQf07hE2uEBHVSMk61P72_Y68cGtgoIC_quV0o-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5EC7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8263369623774889826

43 B
341 B

220ms
220ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8263369623774889826
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Rm95T8A07pmT%2BbUV5O6LShWF4IokCGI4phqIXMENo2UGneHG7UWkCAoa6FOZbKgkCFiMNIXfd3ySOXEnV%2F0DRKDY78L544iDwRbyxZFR1n6gUqzkq655RTRqV%2FqH1F8TaWqsW52GQ08mIpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf3cce4dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:28 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: af7e513f-2af8-4092-a3e5-b6f68d468360
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8263369623774889826
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5EC7
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-22d0cb40-1dcd-4f4c-b4bb-79b9b4c29438

43 B
317 B

406ms
406ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-22d0cb40-1dcd-4f4c-b4bb-79b9b4c29438
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cxXtOUCzFpUr%2Fh4SF90lF4z6AA5bADUc8JdxDEVOp0uCpTnKnJTMAo%2BJFJRXTsBEOJVWVpAKDNLMsOT4JEA7tzb8npVuHFz1RK0ZncTtBbMY7Is5VDttdczs2qecToCIDvQzmnd%2FxcmNpgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c07fd44dfa-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-22d0cb40-1dcd-4f4c-b4bb-79b9b4c29438
date: Fri, 02 Jul 2021 21:58:29 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5EC7
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4

43 B
319 B

214ms
214ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9g%2B3G6teVG2wYxtWeS%2FGrd5YWeolWTj9xbk1mvLtaFXJTIuxtxIsau80%2Brcb0aUp9Z0YxtGxBDinfEO%2Bw0%2F2ctpwa%2FYFE5LLFzXeXlxi3EgXWQxiH7FAh9s19olRY1SES1oDc49VkDq4jWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22be7b1a4dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:28 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5EC7
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa23c9c8a-db80-11eb-91b2-06ce98f2e9c8
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23c9c8a-db80-11eb-91b2-06ce98f2e9c8

43 B
320 B

236ms
235ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23c9c8a-db80-11eb-91b2-06ce98f2e9c8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TySMnkNwXMyqNnYG%2BmBeaOLZKI6MxYMlFlOqoZSLOoyqqyoEYq1J8pDAU0ohgtl78vlpXBConE%2F5GrLGwZcnKA6l4HHv0RK3JJoa%2BPkKvRlxJFKRELQVNt9PLQ7LrZtf8BWaoCw67fHXt%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bfce424dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23c9c8a-db80-11eb-91b2-06ce98f2e9c8
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5EC7
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d

43 B
344 B

215ms
215ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cQbdMwE%2FOIuHg3HBP6WWeLqjL2TOD%2BQPeOn8kQpZosH16JyWGzs6bvsBnZoCuMjheVY8Xn8Xji57seO%2BMVeYpqGEWi45uWHPrjTXHR4IRc%2B384ar0YCJJHGKFIhliIz%2FcvGWjHtwcdYHx6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c05fa44dfa-FRA
content-length: 43

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d
Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5EC7
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d1cbb6d7-7604-445d-a808-cb074a67aece

43 B
319 B

227ms
226ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d1cbb6d7-7604-445d-a808-cb074a67aece
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ns6vnghCKGoxbBR9iAO0EO7MztvXZ88Fil6UK3pQlm%2BvWYPqkUQBASdceW5DBaS5kKM%2Fb3LryIeJjeCuL%2Bu9v6CiZIFR2aC9HXVWrcq7y28tRUYc80%2FncJ6h3uaav2y%2BhE8tyPo3MqWXVXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf5d424dfa-FRA
content-length: 43

Redirect headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cNejxBYq0hDXwwV7935mLDLoILXNMrzjbU%2BHjotf2g3nQSZH6uh%2FfpUWFyvRqmyO7qimFrn7KUNbXg%2BcMz2si2TPK3ZqvTRcCgu30CkVW6v7IL%2BV5HbuTNXRB7WUKoC0%2F7%2F9wz0snXw0"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d1cbb6d7-7604-445d-a808-cb074a67aece
cf-ray: 668b22be0a4a4dfa-FRA
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5EC7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8263369623774889826

43 B
323 B

228ms
228ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8263369623774889826
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tDnkIrCEUs7k7WAjsHsg5MofT4jWHz%2FzRvr%2FzrZJh54KL%2BDF08YLMT4XUNv%2B6eo6wCeuy8O3YZxMohuL9hBU65mH%2B3yB5v1t3UuYpPpT5yox6uEGafXiFj%2FBD4LpaSiionJIo%2BcOBPJOpgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf7db44dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 70511b5c-176e-4040-8062-2c736da7cd9c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8263369623774889826
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 566F 43 B
551 B 212ms
54ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Fri, 02 Jul 2021 21:58:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YN+MB; path=/; domain=.go.sonobi.com

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9A9B 2 KB
823 B 134ms
47ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame FD0D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

171ms
63ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3d8fc7a86edddd72e2141cab3256d3384d57f0a2eb55a1d3b59d1f3747cb138a

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1124; CMID=YN.MBUmmPcA1OB4sWnlo3QAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|230|241|156|31|195|218
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1925
Expires: Fri, 02 Jul 2021 21:58:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
Connection: keep-alive
Set-Cookie: CMID=YN.MBUmmPcA1OB4sWnlo3QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:29 GMT CMPS=1124;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:29 GMT CMPRO=1163;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:29 GMT CMST=YN+MBWDfjAUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 21:58:29 GMT CMRUM3=9c60df8c0505a00&2760df8c050b40&e660df8c052760&2d60df8c0505a0&da60df8c052760&f160df8c0505a0&1f60df8c0505a00&c360df8c0505a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:29 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 02 Jul 2021 21:58:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
Connection: keep-alive
Set-Cookie: CMID=YN.MBUmmPcA1OB4sWnlo3QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:29 GMT CMPS=1124;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:29 GMT

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame C0CC 2 KB
2 KB 1462ms
147ms Document
text/html 208.100.17.173
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: 4b11c95118b3eb3f49d4fbe5a3bf9777846263f72602745e3be775c65e64829d

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2273
date: Fri, 02 Jul 2021 21:58:29 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 78A6 14 KB
5 KB 55ms
52ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES; KADUSERCOOKIE=1FA49F31-635C-4598-A4E5-6505A4EF1748; chkChromeAb67Sec=1; DPSync3=1626393600%3A201_197_219%7C1625270400%3A174; SyncRTB3=1625788800%3A223_2_67_15%7C1626048000%3A63%7C1626393600%3A176_13_166_99_81_234_220_21_161_54_3_230_165_56_71_55_88_7_8_22_222_204_189%7C1626480000%3A35%7C1627776000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=47620
expires: Sat, 03 Jul 2021 11:12:08 GMT
date: Fri, 02 Jul 2021 21:58:28 GMT
vary: Accept-Encoding

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5BBE
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d

43 B
327 B

211ms
211ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mPXDTypqsw5rVudDt4uQ3GdymrAyLCKXx4QJSxEpEfEukAfLm56rJJ7VO5BvBpVJ2OQNYVaNvkv71kHKL5rAqAQ2yAdWMMvCKgM7Hn09qw389ZicZHL9jGPI0M%2F4MCC8hpNAQmVanW78KjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c108f74dfa-FRA
content-length: 43

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d
Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5BBE
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d4e57417-da9b-41e9-b71d-6bb7bfb89e0e

43 B
325 B

230ms
229ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d4e57417-da9b-41e9-b71d-6bb7bfb89e0e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XvJGgAYzV576BLwsRHOl8aDJllNFOpfUmT5u6k9d9TOuTIzGxltAbL2QFgmVqY7y4WeMsDcfpOM2B%2FHhEuLrS2e9c4tUNiIpBSWAKyHoptZHFcPzuXHCmR7IlSYsPqhZ1ntq4KuvCWqegek%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf7dad4dfa-FRA
content-length: 43

Redirect headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KD31C4dvba6XA55UqVbqvzfvZltVXKFwr9XOA2eJhllyKR3%2ByYiF0y9kJJ3wxqnm2ZdPeYwAFhkS9GRmsaRuPswpjZIsB4WofNOcFhF2AMkmS3aIG590GkrdelP3T1VZNjalGD0k3pXa"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d4e57417-da9b-41e9-b71d-6bb7bfb89e0e
cf-ray: 668b22be0a604dfa-FRA
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5BBE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5028896942451452902

43 B
322 B

239ms
239ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5028896942451452902
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7QHlAviALhxZhLVyFzW%2Fb%2BmyrkTEf8qqNlSt1QFTPNUdHUSAAQcgy4bfXL7KfY4PzpcOBh2EInjrFdWdVDjBCZd8Ws%2FixLfpxMmlmTjtpMAlDBnMr%2BAsclPzoN%2BWxg%2Fal2RhLsIw1xjvNm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf7dc04dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2adeef83-b8f7-4df9-8164-034653a1f95c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5028896942451452902
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 5BBE 0
474 B 272ms
56ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5BBE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1140373801212735255

43 B
315 B

229ms
229ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1140373801212735255
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Bdai%2FrT6qtrK3SmJowprKYgxGy4oNqzyj04XmKRZsx2WIsZasipUB2FpoKpLuZAdwRyWWT3ypTIwXMYpoXx0jpbXIGPDKGaxVqWCHXDrNd5ZHNH10KmlIg1cdN2uECvX18ChVCBggwK2Y8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bf7dbe4dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dec38feb-143e-4f5d-b3b4-df5321652ded
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1140373801212735255
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5BBE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eU18wzBE2uFEjfOFeJTc62M1xZV.6LJbjIu582w-~A

43 B
322 B

223ms
223ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eU18wzBE2uFEjfOFeJTc62M1xZV.6LJbjIu582w-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vmnShDQCjGl2mcusWTfjijmLnf9QwU0OGlh1YZXCRBCCFVKLT0YGUgpv7ZxOQ0GNFWKocSAHGZFy%2B%2FVzx%2Bnorm%2B6sdv%2BmsS186uhQNy%2FUhVYHDkWru19k016qA2BpULM2Ep29hGGXDguvPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c00edf4dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eU18wzBE2uFEjfOFeJTc62M1xZV.6LJbjIu582w-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5BBE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1140373801212735255

43 B
319 B

227ms
227ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1140373801212735255
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B2BKqyBfFgzk1fx60XNB9K6renBpBXw5o9CUhWrgQbasuEpzuEvqr8gNfgm54vfvv%2BXgUfGE1JdQ2BtAyzJVHMr8BDhuzSj%2BfR%2Bi6gOdxqjwhS2EuoP3tZ%2BMwLSTj523bmW77Zq2DNTTjkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c00ed24dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e43b8d01-289f-41e7-89ed-8d084bed1bbf
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1140373801212735255
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5BBE
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-c68750b0-67cd-4c5a-900b-ecd27e2f80a5

43 B
325 B

217ms
217ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-c68750b0-67cd-4c5a-900b-ecd27e2f80a5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LfZf5RDLthpllZlOqB29%2BGDKAb9%2B87xvteBb9IL41u2Z6gz%2FI%2B2UoDEuPEGrFGIaFSu2OZfie%2B8zw4vb%2ByZ%2FKAr43hda7tp5WOloWpk4VjkUY0D%2FxsxWfiCV9Alsm%2BgEqkqg0YaQprHt6Kk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c07fcc4dfa-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-c68750b0-67cd-4c5a-900b-ecd27e2f80a5
date: Fri, 02 Jul 2021 21:58:29 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5BBE
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4

43 B
328 B

219ms
219ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XsvpIl%2BYBWZQ%2BQ79L%2B0nNyz%2BvCiZ7ZpwVs0dEDJpIptbKh%2B%2F14dwZVCrFR%2Fbw90t%2BpWG0Bhl4VgYypHXGkyU40yyrJIwHZidd5%2FoIt5OUyJmQbEfpxh4jOf8Z9MbKvl4FlgGgZUVto%2Fu1PY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22becbdf4dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:28 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5BBE
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa23cea97-db80-11eb-8b9e-02b322529300
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300

43 B
323 B

413ms
413ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KgmljAhX5tZzaDGyetjbwUPpwFwna2a%2F2S7Z%2B%2BBOXETBwQBhlMKHyrqqPvkHxLtHd5ZjDIiEL1L2gdOvkYkh%2Fe%2BZqCHqG33iEussgLZSiuTAHFxf9IIZgY0Yewq4PElxkVPP%2F5e6exj5q1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c03f3a4dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 8046 43 B
555 B 208ms
56ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Fri, 02 Jul 2021 21:58:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YN+MB; path=/; domain=.go.sonobi.com

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame B9FE 2 KB
823 B 126ms
47ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame FDCA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

121ms
64ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c347bd32bf25cbfe26ac5576a21f4a6d5c47099d327596c40c65c3d1d6f45805

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1124; CMID=YN.MBUmmPcA1OB4sWnlo3wAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|230|45|156|57|130|191
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1691
Expires: Fri, 02 Jul 2021 21:58:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
Connection: keep-alive
Set-Cookie: CMID=YN.MBUmmPcA1OB4sWnlo3wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:29 GMT CMPS=1124;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:29 GMT CMPRO=1181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:29 GMT CMRUM3=9c60df8c0505a00&3960df8c0505a0&f160df8c0505a0&bf60df8c0505a0&2d60df8c0505a0&8260df8c05a8c0&2760df8c050b40&e660df8c052760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:29 GMT CMST=YN+MBWDfjAUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 21:58:29 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 02 Jul 2021 21:58:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
Connection: keep-alive
Set-Cookie: CMID=YN.MBUmmPcA1OB4sWnlo3wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:29 GMT CMPS=1124;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:29 GMT

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame E5D2 2 KB
2 KB 1449ms
142ms Document
text/html 208.100.17.173
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: 4b11c95118b3eb3f49d4fbe5a3bf9777846263f72602745e3be775c65e64829d

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2273
date: Fri, 02 Jul 2021 21:58:29 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1D27 14 KB
5 KB 54ms
54ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES; KADUSERCOOKIE=1FA49F31-635C-4598-A4E5-6505A4EF1748; chkChromeAb67Sec=1; DPSync3=1626393600%3A201_197_219%7C1625270400%3A174; SyncRTB3=1625788800%3A223_2_67_15%7C1626048000%3A63%7C1626393600%3A176_13_166_99_81_234_220_21_161_54_3_230_165_56_71_55_88_7_8_22_222_204_189%7C1626480000%3A35%7C1627776000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=47620
expires: Sat, 03 Jul 2021 11:12:08 GMT
date: Fri, 02 Jul 2021 21:58:28 GMT
vary: Accept-Encoding

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame BC07
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=1FA49F31-635C-4598-A4E5-6505A4EF1748
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1FA49F31-635C-4598-A4E5-6505A4EF1748

35 B
468 B

45ms
45ms

Document
image/gif

37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1FA49F31-635C-4598-A4E5-6505A4EF1748

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=1FA49F31-635C-4598-A4E5-6505A4EF1748
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 02 Jul 2021 21:58:36 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=7811198633916791843; expires=Tue, 31 Aug 2021 21:58:36 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Fri, 02 Jul 2021 21:58:36 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1FA49F31-635C-4598-A4E5-6505A4EF1748
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Mon, 02 Aug 2021 21:58:36 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame E4CC 35 B
134 B 7301ms
79ms Document
image/gif 213.155.156.180
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.180 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame C5A6 43 B
360 B 7300ms
80ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Fri, 02 Jul 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1082
x-powered-by: ASP.NET
date: Fri, 02 Jul 2021 21:58:35 GMT
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3B1A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980451930616035476

42 B
519 B

63ms
63ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980451930616035476
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980451930616035476
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 02 Jul 2021 21:58:36 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6980451930616035476; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 21:58:36 GMT; path=/ PugT=1625263116; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 21:58:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 21:58:36 GMT; path=/
x-lat: lhrpug004:0:345
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 02 Jul 2021 21:58:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6980451930616035476; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6980451930616035476

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 2A21
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCcTIwN0J2eGdBQURkNXFkc3YyUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCcTIwN0J2eGdBQURkNXFkc3YyUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&_bee_ppp=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABpPk7BvxgAADjBcz9HYw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABpPk7BvxgAADjBcz9HYw&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABpPk7BvxgAADjBcz9HYw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

43 B
163 B

185ms
60ms

Document
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABpPk7BvxgAADjBcz9HYw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 02 Jul 2021 21:58:36 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Fri, 02 Jul 2021 21:58:36 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABpPk7BvxgAADjBcz9HYw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 93BE
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
88 B

64ms
64ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 02 Jul 2021 21:58:36 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug007:2:262
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=49b7ac7b-f944-4e1d-8b05-9684662c26ca; path=/; domain=csync.loopme.me; Expires=Mon, 02-Aug-2021 21:58:36 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Fri, 02 Jul 2021 21:58:36 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 552A
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5946876506
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5946876506
https://sync.1rx.io/usersync/tradedesk/a7e5ae24-3133-47fc-befb-87c23acd098e
https://sync.targeting.unrulymedia.com/csync/RX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003

42 B
270 B

65ms
65ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KRTBCOOKIE_1101=23040-6980451930616035476; PugT=1625263116; PUBMDCID=3; KADUSERCOOKIE=04B41D9D-E78E-47D8-B7E9-14E6D4E7122D; SPugT=1625250185; KRTBCOOKIE_27=16735-uid:62b660df-8c0c-4b00-b009-acc459d00aa3&KRTB&16736-uid:62b660df-8c0c-4b00-b009-acc459d00aa3&KRTB&23019-uid:62b660df-8c0c-4b00-b009-acc459d00aa3&KRTB&23114-uid:62b660df-8c0c-4b00-b009-acc459d00aa3; KRTBCOOKIE_409=22966-R52rwnbvav4xyGaYcLBJXE4m; KRTBCOOKIE_391=22924-7413012034931079448&KRTB&23263-7413012034931079448; KRTBCOOKIE_80=22987-CAESEN9eFUSbeNlSK0IBzASCJf0&KRTB&16514-CAESEN9eFUSbeNlSK0IBzASCJf0&KRTB&23025-CAESEN9eFUSbeNlSK0IBzASCJf0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 02 Jul 2021 21:58:36 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003&KRTB&17107-RX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 21:58:36 GMT; path=/ PugT=1625263116; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 21:58:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 21:58:36 GMT; path=/
x-lat: lhrpug008:0:477
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Fri, 02 Jul 2021 21:58:36 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003%22%7D; path=/; expires=Sat, 02 Jul 2022 21:58:36 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-318a9ee3-f2fc-452c-b61e-2d77cf76bc32-003
etag: RX318a9ee3f2fc452cb61e2d77cf76bc32003

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 9827 42 B
974 B 35ms
17ms Document
image/gif 2606:4700:3039::6815:c02e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 02 Jul 2021 21:58:28 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 668b22be4a2a05e4-FRA

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A4D2
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=R52rwnbvav4xyGaYcLBJXE4m

42 B
216 B

63ms
63ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=R52rwnbvav4xyGaYcLBJXE4m
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=R52rwnbvav4xyGaYcLBJXE4m
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 02 Jul 2021 21:58:36 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-R52rwnbvav4xyGaYcLBJXE4m; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 21:58:36 GMT; path=/ PugT=1625263116; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 01-Aug-2021 21:58:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 21:58:36 GMT; path=/
x-lat: lhrpug017:0:250
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Fri, 02 Jul 2021 21:58:36 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=R52rwnbvav4xyGaYcLBJXE4m; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=R52rwnbvav4xyGaYcLBJXE4m
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 7C64 43 B
408 B 7297ms
65ms Document
image/gif 72.251.241.206
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Fri, 02 Jul 2021 21:58:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-4
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame C6BC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
425 B

168ms
166ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aOnoeUSyZaRVRT8vtPLE3WNQSUfMGu1lFoHXq6urx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=adnsIHuyTYFBErv6YbolH1bDf9NMwu7ZdEYDaxcHF9L3t36UEZdOOdQnAXMr35bgaOwlEilPUqMxD1ZaAZbD38W1S1ZdQ; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 21:58:29 GMT; SameSite=None; Secure; ANON_ID_old=adnsIHuyTYFBErv6YbolH1bDf9NMwu7ZdEYDaxcHF9L3t36UEZdOOdQnAXMr35bgaOwlEilPUqMxD1ZaAZbD38W1S1ZdQ; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 21:58:29 GMT;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 668b22bf6dc14ee0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Fri, 02 Jul 2021 21:58:29 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 3518
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aOnoeUSyZaRVRT8vtPLE3WNQSUfMGu1lFoHXq6urx; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 21:58:28 GMT; SameSite=None; Secure; ANON_ID_old=aOnoeUSyZaRVRT8vtPLE3WNQSUfMGu1lFoHXq6urx; path=/; domain=.tribalfusion.com; expires=Thu, 30-Sep-2021 21:58:28 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 668b22be4b204ee0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DB65
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xnUIbu44vgF2&pid=557219

1 B
69 B

66ms
65ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xnUIbu44vgF2&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xnUIbu44vgF2&pid=557219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=1FA49F31-635C-4598-A4E5-6505A4EF1748; chkChromeAb67Sec=1; DPSync3=1626393600%3A201_197_219%7C1625270400%3A174; SyncRTB3=1625788800%3A223_2_67_15%7C1626048000%3A63%7C1626393600%3A176_13_166_99_81_234_220_21_161_54_3_230_165_56_71_55_88_7_8_22_222_204_189%7C1626480000%3A35%7C1627776000%3A203; KRTBCOOKIE_377=6810-4aad68c4-4587-4f21-a07c-476c9f0056bf&KRTB&22918-4aad68c4-4587-4f21-a07c-476c9f0056bf&KRTB&23031-4aad68c4-4587-4f21-a07c-476c9f0056bf; PUBMDCID=3; KRTBCOOKIE_57=22776-8372263956767750951; KRTBCOOKIE_153=19420-ggiBYoxb1TGZC9U0g1vINYIPhDaZDNU0jAznfKHL&KRTB&22979-ggiBYoxb1TGZC9U0g1vINYIPhDaZDNU0jAznfKHL; KRTBCOOKIE_218=22978-YN_MBQACMO6WqwBg&KRTB&23194-YN_MBQACMO6WqwBg&KRTB&23209-YN_MBQACMO6WqwBg&KRTB&23244-YN_MBQACMO6WqwBg; KRTBCOOKIE_466=16530-79ec9133-428a-45e4-9f69-8495b013c0d6; PugT=1625263110; KRTBCOOKIE_22=14911-7443955337145363771
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 02 Jul 2021 21:58:30 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 21:58:30 GMT; path=/
x-lat: lhrpug004:0:2241
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-8474b759f8-k4h8s
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xnUIbu44vgF2&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=8ce94acb9a0bb5b8; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame A893
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d8508297-533f-4e03-bb61-192fac555bfe-tuct7d91184&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
148 B

401ms
56ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d8508297-533f-4e03-bb61-192fac555bfe-tuct7d91184&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d8508297-533f-4e03-bb61-192fac555bfe-tuct7d91184&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=d8508297-533f-4e03-bb61-192fac555bfe-tuct7d91184
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Fri, 02 Jul 2021 21:58:29 GMT
via: 1.1 varnish
x-served-by: cache-hhn11536-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1625263109.231237,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=d8508297-533f-4e03-bb61-192fac555bfe-tuct7d91184;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 02-Jul-2022 21:58:28 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d8508297-533f-4e03-bb61-192fac555bfe-tuct7d91184&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Fri, 02 Jul 2021 21:58:28 GMT
via: 1.1 varnish
x-served-by: cache-fra19132-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1625263109.851989,VS0,VE8
x-vcl-time-ms: 8
content-length: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AE2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H6SfMWNcRZik5WUFpO8XSA%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H6SfMWNcRZik5WUFpO8XSA%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

51ms
51ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:36 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=47612
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sat, 03 Jul 2021 11:12:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c1a660df-8c0c-4700-9609-5d275b42daaf

0
237 B

64ms
64ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c1a660df-8c0c-4700-9609-5d275b42daaf
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 18:23:05 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 02 Jul 2021 22:00:43 GMT
Server: MT3 3799 851f7e8 master cdg-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c1a660df-8c0c-4700-9609-5d275b42daaf
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 02 Jul 2021 22:00:42 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AE2C
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=1FA49F31-635C-4598-A4E5-6505A4EF1748
https://spl.zeotap.com/?zdid=1332&zcluid=73a0c66952749df0
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=23aef78c-9b20-48d4-7cb7-af27162fb716&reqId=81c46dcf-1a2d-4ecc-46a1-20e41a2ee71b&zclui...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=23aef78c-9b20-48d4-7cb7-af27162fb716&reqId=81c46dcf-1a2d-4ecc-46a1-20e41a2ee71b&zclu...
https://mwzeom.zeotap.com/mw?google_gid=CAESEIRO9R7WEo9E18X332X3jbs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=23aef78c-9b20-48d4-7cb7-af27162fb716&reqId=81c46dcf-1a2d-4ecc-46a1-20e...

95 B
256 B

25ms
24ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEIRO9R7WEo9E18X332X3jbs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=23aef78c-9b20-48d4-7cb7-af27162fb716&reqId=81c46dcf-1a2d-4ecc-46a1-20e41a2ee71b&zcluid=73a0c66952749df0&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 668b22ebffa04ab6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEIRO9R7WEo9E18X332X3jbs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=23aef78c-9b20-48d4-7cb7-af27162fb716&reqId=81c46dcf-1a2d-4ecc-46a1-20e41a2ee71b&zcluid=73a0c66952749df0&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUZBNDlGMzEtNjM1Qy00NTk4LUE0RTUtNjUwNUE0RUYxNzQ4&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUZBNDlGMzEtNjM1Qy00NTk4LUE0RTUtNjUwNUE0RUYxNzQ4&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

64ms
64ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:36 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:459
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN9eFUSbeNlSK0IBzASCJf0&google_cver=1

42 B
283 B

71ms
69ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN9eFUSbeNlSK0IBzASCJf0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:36 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:358
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN9eFUSbeNlSK0IBzASCJf0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame AE2C 43 B
609 B 3082ms
49ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 01 Jul 2021 21:58:31 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7413012034931079448

42 B
233 B

64ms
63ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7413012034931079448
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:36 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:371
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:36 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7413012034931079448
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:62b660df-8c0c-4b00-b009-acc459d00aa3&gdpr=0&gdpr_consent=

42 B
338 B

64ms
64ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:62b660df-8c0c-4b00-b009-acc459d00aa3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:36 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:423
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 02 Jul 2021 22:00:43 GMT
Server: MT3 3799 851f7e8 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:62b660df-8c0c-4b00-b009-acc459d00aa3&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 02 Jul 2021 22:00:42 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4aad68c4-4587-4f21-a07c-476c9f0056bf

42 B
603 B

196ms
64ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4aad68c4-4587-4f21-a07c-476c9f0056bf
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:407
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4aad68c4-4587-4f21-a07c-476c9f0056bf
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8372263956767750951&gdpr=0&gdpr_consent=

42 B
211 B

65ms
64ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8372263956767750951&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:647
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8fd9f261-7964-415b-ba43-af92ed89301c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8372263956767750951&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 1FA49F31-635C-4598-A4E5-6505A4EF1748
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AE2C 43 B
921 B 96ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/1FA49F31-635C-4598-A4E5-6505A4EF1748?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1FA49F31-635C-4598-A4E5-6505A4EF1748&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qcg2n5tE2uU1D80LvBxAzMQOCGVUo5Y-~A&gdpr=0&gdpr_consent=

0
260 B

1448ms
68ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qcg2n5tE2uU1D80LvBxAzMQOCGVUo5Y-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 18:24:08 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qcg2n5tE2uU1D80LvBxAzMQOCGVUo5Y-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ggiBYoxb1TGZC9U0g1vINYIPhDaZDNU0jAznfKHL

42 B
273 B

65ms
65ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ggiBYoxb1TGZC9U0g1vINYIPhDaZDNU0jAznfKHL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:1102
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ggiBYoxb1TGZC9U0g1vINYIPhDaZDNU0jAznfKHL
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN_MBQACMO6WqwBg&gdpr=0&gdpr_consent=&_test=YN_MBQACMO6WqwBg

1 B
258 B

64ms
64ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN_MBQACMO6WqwBg&gdpr=0&gdpr_consent=&_test=YN_MBQACMO6WqwBg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:331
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:29 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1625263110.655843,VS0,VE0
x-served-by: cache-fra19148-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YN_MBQACMO6WqwBg&gdpr=0&gdpr_consent=&_test=YN_MBQACMO6WqwBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=79ec9133-428a-45e4-9f69-8495b013c0d6
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=79ec9133-428a-45e4-9f69-8495b013c0d6
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=69ca6c79-aa10-41de-9092-142ae64b3b8c&user_group=1&ssp=pubmatic&bsw_param=79ec9133-428a-45e4-9f69-8495b013c0d6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79ec9133-428a-45e4-9f69-8495b013c0d6&gdpr=&gdpr_consent=&gdpr_pd=

1 B
337 B

64ms
64ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79ec9133-428a-45e4-9f69-8495b013c0d6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:30 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:426
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79ec9133-428a-45e4-9f69-8495b013c0d6&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 02 Jul 2021 21:58:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7443955337145363771&gdpr=0&gdpr_consent=&us_privacy=

1 B
168 B

65ms
64ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7443955337145363771&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:30 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:381
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7443955337145363771&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 02 Jul 2021 21:58:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame AE2C 0
104 B 89ms
61ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1FA49F31-635C-4598-A4E5-6505A4EF1748&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:643ff6ec-387c-478d-80d9-ded0d99d1859&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
111 B

64ms
63ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:643ff6ec-387c-478d-80d9-ded0d99d1859&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:30 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:434
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:643ff6ec-387c-478d-80d9-ded0d99d1859&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 02 Jul 2021 21:58:30 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
204 B

65ms
64ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:30 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:463
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 21:58:30 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8372263956767750951

42 B
110 B

64ms
64ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8372263956767750951
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:31 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:408
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:31 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6b21d6ae-ca7d-4754-b86d-e3b4cd240d26
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8372263956767750951
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AE2C
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_55c3c9f6-fb01-4fb9-a914-2d7518ed6a77

42 B
380 B

65ms
65ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_55c3c9f6-fb01-4fb9-a914-2d7518ed6a77
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:31 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:423
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_55c3c9f6-fb01-4fb9-a914-2d7518ed6a77
date: Fri, 02 Jul 2021 21:58:31 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2

200

setuid
sync.quantumdex.io/ Frame 11BC
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa23cea97-db80-11eb-8b9e-02b322529300
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300

43 B
316 B

216ms
215ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cLo2qvfRhBn%2FXSn87d3UWZJtAO4fWWuTCBsdV4lp4z7LGSpC4409MoAhgHAX%2FLbDE0dVQPgQSDslcSwu9pln4NntYjA8TwN5zmqgpjOUFQTrVxJUG2J76F2ALx4f1UUdW19v98sDmZrTy9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c08fed4dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa23cea97-db80-11eb-8b9e-02b322529300
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 11BC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1095359227152373409

43 B
453 B

228ms
228ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1095359227152373409
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OTZ8fU7jMgybFwFPgAlN%2BT8dQCNcJ2N4MzcVTA1iCn6pYv5GiYlGSrDLFCY4MGTnJX2dHut7G4unY8KmIgw5bUjn5oetV88ujgKMDFMpbxDRrQFM8Dr0Gb95Apy1aOWEds%2FPuaE9AGGQjmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bfadfb4dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 512a1c41-6932-40e5-abde-46ffa78a0ad0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1095359227152373409
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 11BC
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d

43 B
323 B

207ms
207ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WUXU%2BQDYG2jYJr%2FL4n1A5H5z7SJkzJE3ppL4GkduftbRVScr%2BEnNvJTxyKKY3xt%2BfE%2FAfE4bInnaHeDVJxQcPYUnA3cD4EeYe55TDTvQ0K%2B%2FATDG4CNeT8zbIT3aaCOz0LeLEacJzutCvc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c1292d4dfa-FRA
content-length: 43

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=aa3d544ddd58c43261299d0877e8b96ea330503d
Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame 11BC
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4606aa8-b4e4-44c1-bd32-30abaa33a390

43 B
317 B

223ms
222ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4606aa8-b4e4-44c1-bd32-30abaa33a390
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=W6VerwtGj%2Fu59julwdWh%2BxB1%2BVoWk5dU1NchnKld11HpB57UvA4Cj8GjZglpItyAAndxz8AkjGrG9Z6wrz0BuTmQhovVa2lQJu4iARTN%2FSdS6qRjwm3pE2DB90IrMLevcgevthhfpf4n3Hw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c01eef4dfa-FRA
content-length: 43

Redirect headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5ktj1tmm6R4TwUXN2hh8H3Cn4m1%2BDZcpiJQdfCV8fE4vbMJj0QcCRptyIOrZ0VNxHaZqegTV2YylzPPOwewBr0CVLkbCy%2FHU%2BYuLgM8VYq4DIsvEqkIrF3ZH110I4q%2B3rG4ui0w6TqnK"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4606aa8-b4e4-44c1-bd32-30abaa33a390
cf-ray: 668b22bf4d154dfa-FRA
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 11BC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1095359227152373409

43 B
328 B

237ms
237ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1095359227152373409
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kyEEZRVEOR3uTIh86PpWWZC68p6QpiY7Sg3fZu7U6oLe7SWaTwXBqEqeqxna4K6NUzD0wfwRx4t7kd6JcklwH9goPwdBeWMbVUOkRJKVP8OhsGF8IXQFVcju7%2Fe0e61ULTb6R5jlk%2FVAy8g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bfde5e4dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 553643c7-3ab2-42ee-afe9-6941f5f3c5b1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1095359227152373409
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 11BC 0
478 B 114ms
52ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 11BC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eU18wzBE2uFEjfOFeJTc62M1xZV.6LJbjIu582w-~A

43 B
316 B

415ms
415ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eU18wzBE2uFEjfOFeJTc62M1xZV.6LJbjIu582w-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HNv7dvpmNuGQld4z7cMTmtKhzkdLHyAJ63AYklgGYZlFNIQ4xmMKBx1IM26uwqKhei6Ssguc1ZnurnQ5NWiyXJUI9nMdp5rsATQXQusk83yMb9pYxJ2hD%2Fm4uVvA7RQ5Tqwif9MS4cTY%2B54%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c05f934dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-eU18wzBE2uFEjfOFeJTc62M1xZV.6LJbjIu582w-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 11BC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1095359227152373409

43 B
320 B

230ms
229ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1095359227152373409
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FV0wdtbINTsexKg%2FqYXucEpYSgRfKQ0e%2F3I7vT2PLPLSlqP9oCyuwT1qxPjOjC%2BirKbF8y7Th2zTWT2%2BiXPKKg9Bkxau%2Fldi1vlBh57Hr9kCBZjs9wARTYX3Mvj7mABvjTKe9Ye9cswE1yg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bfde694dfa-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
X-Proxy-Origin: 5.253.206.60; 5.253.206.60; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 54744527-d79a-4366-9384-69eea277fedd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1095359227152373409
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 11BC
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a3fc181c-d880-49e9-8206-4bb3d1aa3991

43 B
452 B

412ms
412ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a3fc181c-d880-49e9-8206-4bb3d1aa3991
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oCnnQjJH0ICeh31J6UbvI23ebpf%2FZGxwd5tRh5pfTVjZiYQ3i5WSHAKAdw7mHpjaTlId2hHvFJ80BDTlMzRtSWc5Gt7IirFvpEjwdn7Ednuo0q0c%2Bjtoqfl4ljLe3QQToajORrUsK%2Fyao3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22c07fcf4dfa-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a3fc181c-d880-49e9-8206-4bb3d1aa3991
date: Fri, 02 Jul 2021 21:58:29 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 11BC
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4

43 B
344 B

231ms
230ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 21:58:29 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GZqpr%2FLLDkIt1w2BGLkuBB8QdjUmNiZ%2FwTs9U9%2BiLu6GMvyPYUsxP85HK3pqSyZu8%2FJyhxJIsNLuO1FOzV8dH7ufAV0IrTAXGlnf4eiTPIEFd9nf7tTSJs%2FKc7qsRxej44bHJq405L9Dpj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 668b22bfae114dfa-FRA
content-length: 43

Redirect headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=39563667ad0d6efa05a55af4
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 9B23 2 KB
3 KB 150ms
63ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5489398692427f7179611a1512c1295c2f361bf8774a601b8304fb9397ed2d51

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YN.MBEmmPcA1OB4sWnlo2QAA; CMPS=1124
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|45|39|31|73|13|218
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1956
Expires: Fri, 02 Jul 2021 21:58:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jul 2021 21:58:29 GMT
Connection: keep-alive
Set-Cookie: CMID=YN.MBEmmPcA1OB4sWnlo2QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:29 GMT CMPS=1124;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:29 GMT CMPRO=1187;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Sep 2021 21:58:29 GMT CMST=YN+MBWDfjAUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 21:58:29 GMT CMRUM3=e660df8c052760&2760df8c050b40&2d60df8c0505a0&4960df8c0505a0&da60df8c052760&0d60df8c0505a0&f160df8c0505a0&1f60df8c0505a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Jul 2022 21:58:29 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame EB7B 43 B
555 B 58ms
52ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Fri, 02 Jul 2021 21:58:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YN+MC; path=/; domain=.go.sonobi.com

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame AA2F 2 KB
823 B 47ms
47ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS