URL: https://shrinke.me/GCyfBiO5
Submission: On August 08 via manual from US

Summary

This website contacted 74 IPs in 10 countries across 88 domains to perform 385 HTTP transactions. The main IP is 2606:4700:3037::ac43:8784, located in United States and belongs to CLOUDFLARENET, US. The main domain is shrinke.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time shrinke.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.89.194 16509 (AMAZON-02)
3 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 172.255.6.123 7979 (SERVERS-COM)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.237.125.12 14618 (AMAZON-AES)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 192.243.59.20 39572 (ADVANCEDH...)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 44.236.192.77 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 216.58.212.162 15169 (GOOGLE)
1 2a04:4e42:3::485 54113 (FASTLY)
3 7 46.249.52.248 50673 (SERVERIUS-AS)
4 147.75.38.124 54825 (PACKET)
4 185.184.8.65 204995 (RTB-HOUSE...)
4 48 2606:4700:20:... 13335 (CLOUDFLAR...)
4 37.252.172.38 29990 (ASN-APPNEX)
9 178.250.0.165 44788 (ASN-CRITE...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
12 2.18.233.180 16625 (AKAMAI-AS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
12 16 185.33.221.89 29990 (ASN-APPNEX)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 2606:4700:21:... 13335 (CLOUDFLAR...)
8 104.18.16.65 13335 (CLOUDFLAR...)
4 9 2a02:2638:1::13 44788 (ASN-CRITE...)
8 178.250.2.146 44788 (ASN-CRITE...)
11 104.19.130.80 13335 (CLOUDFLAR...)
10 2a02:2638:1::3 44788 (ASN-CRITE...)
1 104.19.134.80 13335 (CLOUDFLAR...)
1 104.19.138.80 13335 (CLOUDFLAR...)
4 12 54.36.109.48 16276 (OVH)
2 6 52.18.12.237 16509 (AMAZON-02)
7 15 13.248.242.197 16509 (AMAZON-02)
12 12 63.251.86.49 32475 (SINGLEHOP...)
2 46.249.52.249 50673 (SERVERIUS-AS)
4 151.101.13.108 54113 (FASTLY)
8 178.162.133.149 60781 (LEASEWEB-...)
18 18 18.156.0.31 16509 (AMAZON-02)
8 8 18.207.58.102 14618 (AMAZON-AES)
5 5 52.204.62.148 14618 (AMAZON-AES)
4 4 18.184.122.71 16509 (AMAZON-02)
4 51.89.9.254 16276 (OVH)
4 15 2.18.234.21 16625 (AKAMAI-AS)
4 185.64.189.115 62713 (AS-PUBMATIC)
4 8 209.54.176.128 16509 (AMAZON-02)
6 10 37.157.6.247 198622 (ADFORM)
4 4 2001:678:cb4:... 56396 (TURN)
4 6 104.111.242.53 16625 (AKAMAI-AS)
2 2 34.253.133.188 16509 (AMAZON-02)
1 1 18.210.180.232 14618 (AMAZON-AES)
2 178.250.2.151 44788 (ASN-CRITE...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
1 32 185.64.190.80 62713 (AS-PUBMATIC)
6 6 213.19.147.44 26120 (RHYTHMONE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 87.98.228.78 16276 (OVH)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 51.79.83.225 16276 (OVH)
1 3 169.50.137.190 36351 (SOFTLAYER)
2 2a00:1288:110... 34010 (YAHOO-IRD)
2 185.64.189.114 62713 (AS-PUBMATIC)
6 6 18.198.142.61 16509 (AMAZON-02)
4 4 52.17.151.21 16509 (AMAZON-02)
3 3 2620:116:800d... 16509 (AMAZON-02)
3 4 151.101.14.49 54113 (FASTLY)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 178.62.202.251 14061 (DIGITALOC...)
2 2 66.155.71.149 13768 (COGECO-PEER1)
2 2 34.98.107.212 15169 (GOOGLE)
2 2 185.33.221.15 29990 (ASN-APPNEX)
2 2 52.48.175.241 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 2a04:4e42:3::300 54113 (FASTLY)
1 151.101.13.44 54113 (FASTLY)
1 2 35.227.248.159 15169 (GOOGLE)
2 2 3.123.143.157 16509 (AMAZON-02)
1 1 18.210.5.212 14618 (AMAZON-AES)
1 38.27.122.126 174 (COGENT-174)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 54.78.254.47 16509 (AMAZON-02)
1 1 3.220.196.160 14618 (AMAZON-AES)
1 2 34.206.192.53 14618 (AMAZON-AES)
385 74
Apex Domain
Subdomains
Transfer
57 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
411 KB
48 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
20 KB
28 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
8 KB
22 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
86 KB
20 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
16 KB
19 adtrue.com
cdn.adtrue.com
exchange.adtrue.com
359 KB
15 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
22 KB
15 adsrvr.org
match.adsrvr.org
7 KB
15 vlitag.com
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
stats.vlitag.com
434 KB
12 lijit.com
ap.lijit.com
7 KB
12 id5-sync.com
id5-sync.com
13 KB
12 adskeeper.co.uk
jsc.adskeeper.co.uk
cdn.adskeeper.co.uk
c.adskeeper.co.uk
servicer.adskeeper.co.uk
s-img.adskeeper.co.uk
cm.adskeeper.co.uk
88 KB
10 adform.net
c1.adform.net
5 KB
10 criteo.net
static.criteo.net
266 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
589 KB
9 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
6 KB
9 shrinke.me
shrinke.me
244 KB
8 amazon-adsystem.com
s.amazon-adsystem.com
5 KB
8 advertising.com
pixel.advertising.com
3 KB
8 sonobi.com
sync.go.sonobi.com
4 KB
8 adskeeper.com
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
s-img.adskeeper.com
cm.adskeeper.com
73 KB
7 google-analytics.com
www.google-analytics.com
58 KB
6 bidswitch.net
x.bidswitch.net
2 KB
6 owneriq.net
px.owneriq.net
2 KB
6 crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
3 KB
5 advangelists.com
nep.advangelists.com
1 KB
5 praiserevision.com
praiserevision.com
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 avct.cloud
ads.avct.cloud
2 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 1rx.io
sync.1rx.io
2 KB
4 turn.com
ad.turn.com
2 KB
4 onetag-sys.com
onetag-sys.com
3 KB
4 sharethrough.com
match.sharethrough.com
959 B
4 vliplatform.com
px.vliplatform.com
1 KB
4 cdn-adtrue.com
cdn-adtrue.com
4 KB
4 adnxs-simple.com
ib.adnxs-simple.com
3 KB
4 creativecdn.com
prebid-eu.creativecdn.com
688 B
4 a-mo.net
prebid.a-mo.net
1012 B
4 recaptcha.net
www.recaptcha.net
23 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 simpli.fi
um.simpli.fi
2 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net Failed
115 KB
3 googletagmanager.com
www.googletagmanager.com
120 KB
3 shrinkme.io
shrinkme.io
166 KB
2 audrte.com
a.audrte.com
2 KB
2 exelator.com
loadm.exelator.com
3 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 tapad.com
pixel.tapad.com
595 B
2 taboola.com
trc.taboola.com
match.taboola.com
651 B
2 gumgum.com
rtb.gumgum.com
672 B
2 playground.xyz
ads.playground.xyz
728 B
2 sitescout.com
pixel-sync.sitescout.com
674 B
2 bidtheatre.com
match.adsby.bidtheatre.com
1 KB
2 dotomi.com
pubmatic-match.dotomi.com
207 B
2 erne.co
green.erne.co
651 B
2 ad4m.at
ad4m.at
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 adition.com
dsp.adfarm1.adition.com
1002 B
2 adroll.com
d.adroll.com
223 B
2 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
118 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 zeotap.com
mwzeom.zeotap.com
187 B
1 bnmla.com
match.bnmla.com
112 B
1 stackadapt.com
sync.srv.stackadapt.com
649 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
377 B
1 steepto.com
cm.steepto.com
173 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 googletagservices.com
www.googletagservices.com
25 KB
1 google.de
www.google.de
107 B
1 google.com
www.google.com
107 B
1 jquery.com
code.jquery.com
29 KB
1 leaderhistliness.info
leaderhistliness.info
21 KB
1 coccusadmanlob.com
coccusadmanlob.com
1 cloudfront.net
d1r90st78epsag.cloudfront.net
94 KB
0 mathtag.com Failed
sync.mathtag.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 de17a.com Failed
d5p.de17a.com Failed
0 dyntrk.com Failed
gu.dyntrk.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
385 88
Domain Requested by
40 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
24 simage2.pubmatic.com 1 redirects ads.pubmatic.com
18 ups.analytics.yahoo.com 18 redirects
16 ib.adnxs.com 12 redirects cdn.adtrue.com
15 match.adsrvr.org 7 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
12 ap.lijit.com 12 redirects
12 id5-sync.com 4 redirects ads.pubmatic.com
sync.quantumdex.io
12 ads.pubmatic.com shrinke.me
cdn.adtrue.com
sync.quantumdex.io
11 cdn.adtrue.com shrinke.me
exchange.adtrue.com
tag.vlitag.com
10 c1.adform.net 6 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
10 static.criteo.net cdn.adtrue.com
static.criteo.net
assets.vlitag.com
9 gum.criteo.com 4 redirects static.criteo.net
9 bidder.criteo.com assets.vlitag.com
cdn.adtrue.com
static.criteo.net
9 shrinke.me shrinke.me
8 image2.pubmatic.com ads.pubmatic.com
8 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
8 ssum-sec.casalemedia.com 4 redirects sync.quantumdex.io
8 pixel.advertising.com 8 redirects
8 sync.go.sonobi.com sync.quantumdex.io
8 mug.criteo.com shrinke.me
8 exchange.adtrue.com shrinke.me
cdn.adtrue.com
7 dsum-sec.casalemedia.com ssum-sec.casalemedia.com
7 ads.us.e-planning.net 3 redirects assets.vlitag.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 x.bidswitch.net 6 redirects
6 px.owneriq.net 4 redirects ssum-sec.casalemedia.com
6 assets.vlitag.com tag.vlitag.com
6 www.gstatic.com www.recaptcha.net
www.gstatic.com
5 nep.advangelists.com 5 redirects
5 praiserevision.com shrinke.me
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 ads.avct.cloud 4 redirects
4 sync.1rx.io 4 redirects
4 ad.turn.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 onetag-sys.com sync.quantumdex.io
4 match.sharethrough.com 4 redirects
4 ms.quantumdex.io 4 redirects
4 acdn.adnxs.com cdn.adtrue.com
4 id.crwdcntrl.net ads.pubmatic.com
4 cdn.adskeeper.co.uk jsc.adskeeper.co.uk
jsc.adskeeper.com
4 px.vliplatform.com
4 hbopenbid.pubmatic.com cdn.adtrue.com
4 cdn-adtrue.com exchange.adtrue.com
4 ib.adnxs-simple.com assets.vlitag.com
4 useast.quantumdex.io assets.vlitag.com
4 prebid-eu.creativecdn.com assets.vlitag.com
4 prebid.a-mo.net assets.vlitag.com
4 tag.vlitag.com services.vlitag.com
tag.vlitag.com
4 www.recaptcha.net shrinke.me
www.gstatic.com
4 fonts.gstatic.com fonts.googleapis.com
www.recaptcha.net
3 pixel.quantserve.com 3 redirects
3 um.simpli.fi 1 redirects ads.pubmatic.com
3 pixel.onaudience.com 2 redirects ads.pubmatic.com
3 stats.vlitag.com tag.vlitag.com
3 www.googletagmanager.com shrinke.me
tag.vlitag.com
3 shrinkme.io shrinke.me
2 a.audrte.com 1 redirects
2 loadm.exelator.com 1 redirects
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 2 redirects
2 pm.w55c.net 2 redirects
2 pixel.tapad.com 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 rtb.gumgum.com 2 redirects
2 secure.adnxs.com 2 redirects
2 ads.playground.xyz 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
2 sync.crwdcntrl.net 2 redirects
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 green.erne.co 2 redirects
2 ad4m.at ads.pubmatic.com
2 sync.targeting.unrulymedia.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dis.criteo.com ads.pubmatic.com
2 d.adroll.com 2 redirects
2 u-ams02.e-planning.net
2 cm.adskeeper.co.uk jsc.adskeeper.co.uk
2 cm.adskeeper.com jsc.adskeeper.com
2 c.adskeeper.co.uk jsc.adskeeper.co.uk
2 c.adskeeper.com jsc.adskeeper.com
2 jsc.adskeeper.co.uk exchange.adtrue.com
jsc.adskeeper.co.uk
2 jsc.adskeeper.com tag.vlitag.com
jsc.adskeeper.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 services.vlitag.com shrinke.me
services.vlitag.com
1 sync.ipredictive.com 1 redirects
1 mwzeom.zeotap.com
1 aud.pubmatic.com
1 match.bnmla.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 cm.steepto.com
1 s-img.adskeeper.co.uk
1 servicer.adskeeper.co.uk jsc.adskeeper.co.uk
1 s-img.adskeeper.com
1 servicer.adskeeper.com jsc.adskeeper.com
1 cdn.jsdelivr.net assets.vlitag.com
1 imasdk.googleapis.com tag.vlitag.com
1 www.googletagservices.com tag.vlitag.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 code.jquery.com shrinke.me
1 leaderhistliness.info shrinke.me
1 coccusadmanlob.com shrinke.me
1 d1r90st78epsag.cloudfront.net shrinke.me
1 fonts.googleapis.com shrinke.me
0 sync.mathtag.com Failed ads.pubmatic.com
0 match.deepintent.com Failed ads.pubmatic.com
0 bh.contextweb.com Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 match.prod.bidr.io Failed ads.pubmatic.com
0 d5p.de17a.com Failed ads.pubmatic.com
0 gu.dyntrk.com Failed ssum-sec.casalemedia.com
0 p.rfihub.com Failed ssum-sec.casalemedia.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 cm.g.doubleclick.net Failed ssum-sec.casalemedia.com
ads.pubmatic.com
385 125

This site contains links to these domains. Also see Links.

Domain
shrinkme.io
blog.shrinkme.io
forms.gle
www.facebook.com
t.me
valueimpression.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
coccusadmanlob.com
R3
2021-08-06 -
2021-11-04
3 months crt.sh
*.adtrue.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-08-14
2 years crt.sh
leaderhistliness.info
R3
2021-06-07 -
2021-09-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
misc.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
praiserevision.com
R3
2021-07-19 -
2021-10-17
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
www.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
www.google.de
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-30 -
2022-06-01
a year crt.sh
ads.us.e-planning.net
R3
2021-08-01 -
2021-10-30
3 months crt.sh
*.a-mo.net
R3
2021-07-16 -
2021-10-14
3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-30 -
2022-04-12
a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018
2021-03-17 -
2022-03-15
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-06-27 -
2021-09-24
3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-06-27 -
2021-09-24
3 months crt.sh
*.id5-sync.com
R3
2021-07-13 -
2021-10-11
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2021-04-29 -
2022-05-31
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.e-planning.net
R3
2021-06-04 -
2021-09-02
3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4
2021-05-10 -
2022-06-11
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2020-12-06 -
2022-01-07
a year crt.sh
onetag-sys.com
R3
2021-07-26 -
2021-10-24
3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
s.amazon-adsystem.com
Amazon
2021-07-14 -
2022-06-27
a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.owneriq.net
GeoTrust RSA CA 2018
2021-01-29 -
2022-02-02
a year crt.sh
*.onaudience.com
Certyfikat SSL
2021-05-28 -
2022-05-28
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-29 -
2021-09-22
6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2019-06-19 -
2021-08-31
2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA
2020-10-05 -
2021-11-06
a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2
2021-01-06 -
2022-02-07
a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020
2021-03-09 -
2022-04-10
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-02 -
2022-06-07
a year crt.sh
*.audrte.com
Amazon
2021-01-26 -
2022-02-24
a year crt.sh

This page contains 79 frames:

Primary Page: https://shrinke.me/GCyfBiO5
Frame ID: CB8AA9F53C84B3AF198629000A6B5FB6
Requests: 78 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/GCyfBiO5
Frame ID: C9A7F8DF2D34B7A13596F87803D7A627
Requests: 13 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/GCyfBiO5
Frame ID: CE66ACA1B12DD7E8B0DBC79E89A60936
Requests: 13 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=normal&cb=ieen4hiuyj1q
Frame ID: 4679DB4D2DAEE0C6919B3960CACDB045
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&cb=rjr7mi1iz6k4
Frame ID: 63D669D2DCD690A895E784771B27FD83
Requests: 3 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1628227860&d=8509&z=29441&divID=vi_850929441_934&w=320&h=100
Frame ID: E2C6252221437B6723D1F5214353190C
Requests: 3 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1628227860&d=8509&z=29441&divID=vi_850929441_377&w=320&h=100
Frame ID: 6A858928179F85CA53F2F5EB4AC41F37
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: BC40D70DEB8BC95C44F7FD1FC4632238
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Frame ID: 953D11EEC0353989D32D1E8BE08BA486
Requests: 3 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1628227860&d=8509&z=29440&divID=vi_850929440_855&w=970&h=250
Frame ID: 2A56C0EDA11D8BC8DF8D2BA595C7CC4B
Requests: 11 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/GCyfBiO5
Frame ID: 377CD5A29A46A3D8B44E22AD009D2970
Requests: 13 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/GCyfBiO5
Frame ID: 80A2D1053463E50E16E3BAEB7C24CAC4
Requests: 13 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: ECF46AF627C589612055AECEBE30252A
Requests: 12 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: EF415E05A96D9B206850BCF71E21F65C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: D022EB2B2ED08624145BC8745BFAF237
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 14336330ADC19BEC41265AC548944A94
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me&gdpr=1&gdpr_consent=
Frame ID: 3DB0E886DC175222EFE117E33DFBC0ED
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1628447477022771407626
Frame ID: D07776F61BD4EBE87D24290030AD1950
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1628447477189478415333
Frame ID: A063A29A6EBDEF9F5CDFB4055228B980
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 10331F9D74F3F8A4C982346C8F8C1F4F
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: E0C03A6F961525EA9707ECEABA6D5335
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: BD197F7F7BFFEF2616AEC390F5B34926
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: A9B72776B73AA48CDA820BF8DFAF8971
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1068A040464A00AD8A699C2F59E584B2
Requests: 24 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EE7B5AE1EB82E045742CE6D06C4499F9
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 69570EA492905CD17BC91CA49FB0C753
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 2FB7A35CF8C2C8CEE30D3D71C6FDA248
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: 6B0DCBFD08AD693731520BB97D9A9CD3
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: C495CAC27C1ECAC7DCF938EE4E5CBD8A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: 030CC3206E29271689CF314BDBDFFB84
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 89E119D49423E05999B14827625CFC74
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B669516DE02D5AA6F86F3860296E9312
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 639845CE6988DB3FA720DC106B504472
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: 43A8137B0354AF400B3F82F62C3D85AB
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 201AF49A87852FA71D1CE805C65525FF
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: CF39484F577A17594C52E38B1CE16D96
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 3575B439264FDBA8CF4B1BB85D585378
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: 4036CAD2529A9ED6B580911F1F466D58
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: F4054F17AB4CCEA908F17D342E379538
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 5DD2038FF7F472F3D684AC4AE94C1552
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 57B9B4DF4E6EFC2D19D6CE145A286613
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 522279162EFD89A87C020AD9BE149132
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 02A37801BA483B158EB696F53C78C7A5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0A5946B12A66D9B8ECD9C07A58B1A51D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3E9E7050410BC2C804543DBAD6D51B0A
Requests: 24 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6A4590B036692753D50A2B388C871D94
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F89615223E926C1FE75671C1A0692B09
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=63CA18AD-0F6B-4893-BF22-EA604C9356CA
Frame ID: A0E3DE54025F640AB0A48D162CDAC2B4
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 4AF51F9000FA3BBC716FB23E21591F39
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: B59A2004EBBDD773067B5615838BB7B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678468515981
Frame ID: 6F0F98891E860F5889F26CF7D3D63BBA
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 8AC7D91D226EF5ECF79111150D184F48
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: 4D6149B087A6B5F449312F5C3958FEE3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
Frame ID: 4A435F8FC802663F0CED6AC7C2A4B991
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 960A9A80F53838495801C08ABC8BCE46
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
Frame ID: FF237C0440B108FE755B5557A5D39B2C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: AF7977D3883837FDC66C88FC99FF3D4B
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
Frame ID: E4EC65496A8F995AD7B2B7F358A85434
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C64FCCF27DAF9ADDB1CBE6CF2FE68CBA
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 6278716C310DD78862F12AA8E6F9CBE4
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=01BFD3DE-507D-4754-A404-8DAC5D63B913
Frame ID: E318F05BFB8AEBC8309FC055D42035C8
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: C93E31FB8E4D8CEFA3B40EAAD636F81F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 88EC72EE97D101221736D5D31148C494
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678470547597
Frame ID: 7B0C5792567929FBD07BBA8161F863BF
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 7A43BEA79D31AB75BEE764350EA0AEA2
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: 21B3FDB13C4567726C8EBF456E25E16D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
Frame ID: CBDDAFF67CC87B0CD349B99158BB1A38
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: DEFB9360C5B2C7AE9D4DCD9D9448A5DF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
Frame ID: 5ADF3E6B07E73C65CA4C384B149F67CA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 9123E488B38F5442BF751224CEBE9A53
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
Frame ID: D195BC5450FAC880209CD344CA5A301F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EC54952B9E596B3BEE5045D65BD7E862
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: BFAF990F4A0E901AD4273DDC71BDC2F0
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f424c8e2-db41-4685-8ad6-4e1d7801b42f-tuct809a87a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: A285119DA65ED26EE26CEB3C69BC9D04
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 418054582800A9F58A09ADD53C054F6A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KzNK0IGo1McNzY5&gdpr=0&gdpr_consent=
Frame ID: 1715A06D8AA7CB68E47CCD4877308F6D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kCR0lK-bQDJ-UuyFMk0Ga8JjaWM
Frame ID: 0CA019F29C3A5CC7D710F6C4DD4C3A1A
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 56A5EAB0512494E28429915C323E2FFB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:719E485E1E1C4D90A49B2BF98F48253B
Frame ID: 60C6B58C47278C41E8E3118A0385417E
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

385
Requests

91 %
HTTPS

32 %
IPv6

88
Domains

125
Subdomains

74
IPs

10
Countries

3398 kB
Transfer

8869 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs=
Request Chain 60
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs=
Request Chain 68
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.3819245742871993&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs=
Request Chain 109
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=nOnPRnxwN1lSTHNKY2FFU0ROT1hzc2dGeldUU0kxQU50M0Q0RGdycFV2ckg2cEszVGswYmVrMHh2T2crNkN2YlVJeVlkUUFzUGRKNE1OeUNzZHJtaElGay9JWVI4aU1USjZJTmxZVDNtOHk3bkRxUkw2VERnaElydmg5ZGJNNWdOWUZPeGxZblFvMXA3Y25ncHpzd0NQM3hhWlZjb3NOa3FQZzRUYVpuOW51TXV3RjVjV1BQd0NZZEN4am1keFZ2SUpsMjV6ekx5dDdDTnJNTGk0MHZSVWVhV3JQeFlVNGpZS0VpVVpYQjM4Z2JCZXlFPXw&cppv=2
Request Chain 112
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IXaJq3xrQ3M4SVZmeWtVVkx3RjF4SmpMSjUxd2FtaWpOOVlTNkVlVDN3Wk1kL3pMUUxObjVQN2VIYitzZUxhN0h3dWhxdVQ0cEFRVElSVWRFYjk0YzNBYjdNa2lHaDVWS2dLQkEwN3hkWFFtaGZTbVkwTDRiR2VXempyMUg4cHpSdENPeEY0OUdjYzRSWk4yVi9MUDl6N1VxWWMrckNQelhFQVdLSmVyUGdXZ0ZiWlY0VW5uMEZlc2ovY3F2ZFpqSzNLY2tpeHB4dmZEdVdYeVhrRWw5ZjZwZWNMNTI2Z2xaUndZSGdxLzlPbmNvQllRPXw&cppv=2
Request Chain 133
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=U0xTZnxLaU9iNUoxZkZOUk4vNi9MRy9vVWJTVVBMSWdJblphOElmRmRBQzI0MGd5bVd4YklGK3o5S1lPeURmMXllU2RtZ0xra05XdEhnWWFwT2tZbThCRWU1RlJVczNtOUpzdXVFQ3ZDcmpZblNpclZvVzMxRnJRZFFwM2xiS25PTnI0am9MU3Qva1RqOHpBRW8zRjVQWklGWWlON2FnZHJBai82amo4L2lHK0hWeUJhWmVXQ2lCQXZTa3VjMGNMOGhNNmF3cUt0aDFPSUgrWXhaVUFjN2tZVy9YT2x0aVNVUEZrYm9UL3l4TElia0lZPXw&cppv=2
Request Chain 136
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=7nZk_XxCSVBuOU03aWpIWktKQjRBcTE0NHVwZVRzRjJ4K1Y0RURVR0VMNGdqTVlaN2Z5Zll0SlVwQVlIb0hJVkZYakJxekl3enNUZUNkeVBhU2xiUU95WWVEaFZRdEpSeVVMcFAvYUlKdmtseUowZ2kwTjAwT1hzMzV2cFN5QTlCd0s3QUR0VllhYk4yMWNPRXBlaGJ6aXhWWCtWL3FzUXE1SEkyeW9mOVNTa0hHRnl6cVVzNGpHdGMrNmEzRmp3eXk2Y2gxcDB5TWtWdndEOS9aOHRzM0wwNmhJVWdBbGpnMGtSVXgyTkhvOFYybmVJPXw&cppv=2
Request Chain 198
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D06bf0c8a838e0ab4%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D06bf0c8a838e0ab4%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=06bf0c8a838e0ab4&uid=e0fb56bdc1f9f62ff532be7e
Request Chain 199
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D10fe86d4c4e58b59%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D10fe86d4c4e58b59%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=10fe86d4c4e58b59&uid=6249cad87d0cbdc75a51a713
Request Chain 202
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Request Chain 203
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bcbfcba9a68747edd50daaff
Request Chain 204
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9d0a3375-b403-40ec-a36e-968cea04cb4a
Request Chain 206
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Dbp3u55E2uHT_5JAXzuiWngmptJMdIg0Ol8nbCk-~A
Request Chain 207
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 208
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2e9f736-f876-11eb-a016-026bfd81e88f HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2e9f736-f876-11eb-a016-026bfd81e88f&verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2e9f736-f876-11eb-a016-026bfd81e88f
Request Chain 209
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-d109fe30-05d6-4803-b035-f8fe5a01fcde
Request Chain 210
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4bbd765f-0961-45a5-8ad6-e37ab535a21d
Request Chain 211
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Request Chain 214
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Request Chain 216
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-8e2b0297-1955-4c86-a078-e4aeca944efa
Request Chain 217
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=373344e0-983d-4788-b516-7f8bcfc983ad
Request Chain 218
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Request Chain 219
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Request Chain 220
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 221
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=787ff301-83d3-4196-9ac3-f992d3b7d4ed
Request Chain 223
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c1094415aad24d3260a024ec
Request Chain 224
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-s.gaJklE2uFcqm_4uUih7YzNgYmCXD7I3ppenwQ-~A
Request Chain 225
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2e9f736-f876-11eb-a016-026bfd81e88f HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2e9f736-f876-11eb-a016-026bfd81e88f&verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2e9f736-f876-11eb-a016-026bfd81e88f
Request Chain 226
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Request Chain 230
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 231
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2efc3a7-f876-11eb-b36b-0a4a8f81a13b HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2efc3a7-f876-11eb-b36b-0a4a8f81a13b&verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2efc3a7-f876-11eb-b36b-0a4a8f81a13b
Request Chain 232
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a413a5bc-18c4-4b15-a40c-2fbdacd0e936
Request Chain 233
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=58043eb0-153a-4676-938a-b516c03a6011
Request Chain 234
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Request Chain 235
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Request Chain 236
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=da17a8ce7355fa5204e32236
Request Chain 237
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c0d028ab-a0be-4145-9671-33381d181fb5
Request Chain 239
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-k79hdSBE2uFvB1VXS9UTYoAvpNQ3CUPVJrGPo5k-~A
Request Chain 240
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Request Chain 244
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Request Chain 245
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Request Chain 246
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 247
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=86d23d5e-913b-4fa1-913d-83dfc99aaa95
Request Chain 249
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2804d50ee1775cabb8774051
Request Chain 250
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-c2UCZaFE2uFzE5deif3VXtKXzXfXDEioQpowG6s-~A
Request Chain 251
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2ee16c9-f876-11eb-b50a-029a9903a159 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2ee16c9-f876-11eb-b50a-029a9903a159&verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2ee16c9-f876-11eb-b50a-029a9903a159
Request Chain 252
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-91947028-1f05-4a63-b6e6-e0d644c80d00
Request Chain 253
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=03623ffc-d9b5-4b9e-876d-2e0e83104146
Request Chain 254
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Request Chain 265
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9yYjaXCpc-n9DWiqQwAABGEAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9yYjaXCpc-n9DWiqQwAABGEAAAIB&dcc=t
Request Chain 267
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi9yYjaXCpc.n9DWiqQwAA
Request Chain 270
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4196423437988044198
Request Chain 271
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6817338821947082077&uid=Q6817338821947082077&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 275
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi91c2Lu1RHZyctKlebgAABIcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi91c2Lu1RHZyctKlebgAABIcAAAIB&dcc=t
Request Chain 276
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi91c2Lu1RHZyctKlebgAA
Request Chain 278
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 282
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9-JPZ-lFvO0ExscNCgAABHkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9-JPZ-lFvO0ExscNCgAABHkAAAAB&dcc=t
Request Chain 284
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi9.JPZ.lFvO0ExscNCgAA
Request Chain 286
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=6ef1b574-632a-4fce-8d3f-2f7717c095b3&expiration=1659983479
Request Chain 288
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4196423437988044198
Request Chain 293
  • https://c1.adform.net/serving/cookie/match?party=14&cid=63CA18AD-0F6B-4893-BF22-EA604C9356CA HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=63CA18AD-0F6B-4893-BF22-EA604C9356CA
Request Chain 296
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678468515981
Request Chain 299
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=167222816 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a8655d80-5dee-47a1-bcf8-db387e33ebd9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
Request Chain 301
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
Request Chain 304
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 308
  • https://pixel.onaudience.com/?partner=214&mapped=63CA18AD-0F6B-4893-BF22-EA604C9356CA HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4b9611500611db8e5926802ca8d0eaa8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=a8655d80-5dee-47a1-bcf8-db387e33ebd9&icm
Request Chain 313
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7040537458721788283
Request Chain 314
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=48dd49d3-a60d-4bde-833f-723023182db8
Request Chain 315
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8653682403972662184&gdpr=0&gdpr_consent=
Request Chain 317
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=63CA18AD-0F6B-4893-BF22-EA604C9356CA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ajJbwt9E2uUkwYXe8J_XXHEFHohnHcU-~A&gdpr=0&gdpr_consent=
Request Chain 318
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=2cdf7d76-52a5-4a48-ab09-a6251b67a760&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9dd34a5f-4746-45cb-b4b1-3655fe7286c0&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 319
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3
Request Chain 320
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4196423437988044198&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 321
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YRAi_AADnJ_FPgA4
Request Chain 323
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dd1050ec-6d39-429e-a556-e57140a2ff1e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 324
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 325
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8491476304433887455
Request Chain 326
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7ad3598b-863f-40b4-bcbc-bfb70fa28f2c
Request Chain 328
  • https://c1.adform.net/serving/cookie/match?party=14&cid=01BFD3DE-507D-4754-A404-8DAC5D63B913 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=01BFD3DE-507D-4754-A404-8DAC5D63B913
Request Chain 333
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8710181708270382054
Request Chain 334
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8655d80-5dee-47a1-bcf8-db387e33ebd9
Request Chain 336
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8491476304433887455&gdpr=0&gdpr_consent=
Request Chain 337
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=2cdf7d76-52a5-4a48-ab09-a6251b67a760&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9dd34a5f-4746-45cb-b4b1-3655fe7286c0&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 338
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eyIvZH8heGNgJHwxLiMzN3UkLWNgcC1neSV_AQQZ
Request Chain 339
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4196423437988044198&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 340
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678470547597
Request Chain 341
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YRAi_AADdDLlNgAC HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRAi_AADdDLlNgAC&gdpr=0&gdpr_consent=&_test=YRAi_AADdDLlNgAC
Request Chain 343
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:adf287fa-4484-4c23-933d-62d0c0ff52c0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 344
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 346
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7951264459 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a8655d80-5dee-47a1-bcf8-db387e33ebd9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
Request Chain 348
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
Request Chain 349
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8491476304433887455
Request Chain 351
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e0658e5a-b1fd-48c8-8780-a4574a6385a8
Request Chain 353
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 356
  • https://pixel.onaudience.com/?partner=214&mapped=01BFD3DE-507D-4754-A404-8DAC5D63B913 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=f0cb28f865cbe6df HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8a0b3360-d163-437c-46d5-6cbcf7c957f0&reqId=b3e9a737-e4b6-481c-76dd-588fc6caea7d&zcluid=f0cb28f865cbe6df&zdid=1332
Request Chain 359
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=01BFD3DE-507D-4754-A404-8DAC5D63B913&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ajJbwt9E2uUkwYXe8J_XXHEFHohnHcU-~A&gdpr=0&gdpr_consent=
Request Chain 362
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi9zs2GGAs4DfmQDdXlAAA
Request Chain 364
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9zs2GGAs4DfmQDdXlAAABHMAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9zs2GGAs4DfmQDdXlAAABHMAAAIB&dcc=t
Request Chain 365
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d986614f-06c7-46dc-9b6b-befb5fcd3ab7
Request Chain 366
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 367
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6817338821262908260&uid=Q6817338821262908260&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 368
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=xunTxcLqhMLd74bGkujPxcK6hM3d4NuWlbkZ-1hN
Request Chain 373
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f424c8e2-db41-4685-8ad6-4e1d7801b42f-tuct809a87a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 374
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 375
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KzNK0IGo1McNzY5&gdpr=0&gdpr_consent=
Request Chain 376
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kCR0lK-bQDJ-UuyFMk0Ga8JjaWM
Request Chain 378
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:719E485E1E1C4D90A49B2BF98F48253B
Request Chain 379
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=01BFD3DE-507D-4754-A404-8DAC5D63B913&addseg=21
Request Chain 380
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=01BFD3DE-507D-4754-A404-8DAC5D63B913&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=01BFD3DE-507D-4754-A404-8DAC5D63B913&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 382
  • https://loadm.exelator.com/load/?p=204&g=71&buid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 383
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d57e36bc-f876-11eb-a814-c5abe834d1d7&gdpr=0&gdpr_consent=
Request Chain 385
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=01BFD3DE-507D-4754-A404-8DAC5D63B913 HTTP 302
  • https://a.audrte.com/p

385 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request GCyfBiO5
shrinke.me/
21 KB
8 KB
Document
General
Full URL
https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9973711e67afea223f23b0d14a5f279d05be219f23e4d2cfa65e0ef53a79fdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
shrinke.me
:scheme
https
:path
/GCyfBiO5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:13 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-robots-tag
noindex, nofollow
set-cookie
lang=en_US; expires=Wed, 03-Aug-2022 18:31:13 GMT; Max-Age=31104000; path=/ AppSession=218d3f92ce9391439799bd5fa6f193a0; path=/; HttpOnly csrfToken=9494f47dc76c42c4e797ef5720f5967c4b5fc2c9d80f8abd83df5353dc500f417ef058ab2a238302acea84993cea2c9d66a8a74e1bd72d9c8da0c4da81fec7a6; path=/; HttpOnly
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFhKerNL57WO%2FkNQ8pJ7yOwhS4zkAaTszlk1A5C3dbS%2B%2FOYA5L17HnxIh3wVYrU9vJf9ktpulWhgskUa4XpilHOjiYN0RenjmTor%2FHbms0m9FfVFmTbthJ6UjFWo3QnFniKa%2B%2FY4Ztox"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67bad2064f14d6ed-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
css
fonts.googleapis.com/
6 KB
809 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
475b0de0219ba035ec1e12ac99b4d36cd26b8f67620659952e01e865714729bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 18:25:37 GMT
server
ESF
date
Sun, 08 Aug 2021 18:31:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 18:31:13 GMT
styles.min.css
shrinke.me/modern_theme/build/css/
187 KB
34 KB
Stylesheet
General
Full URL
https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/modern_theme/build/css/styles.min.css?ver=6.4.0
pragma
no-cache
cookie
lang=en_US; AppSession=218d3f92ce9391439799bd5fa6f193a0; csrfToken=9494f47dc76c42c4e797ef5720f5967c4b5fc2c9d80f8abd83df5353dc500f417ef058ab2a238302acea84993cea2c9d66a8a74e1bd72d9c8da0c4da81fec7a6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shrinke.me
referer
https://shrinke.me/GCyfBiO5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/GCyfBiO5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1347715
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2ec69-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBn0aR%2Fs%2Fw7LrhsPC1XW4FKibKD3isPSPA4imlfsOtQenVR5eb6BIsodUC%2Fyt5stkMqZasWl6W8%2FsNCizJjwin9TmHzZ1pndo2ck7MS71OCbAEuNA3V7V5grBDuD1dS2YSD8CRFN%2Fe6N"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
67bad206bf2ed6d1-FRA
expires
Mon, 23 Aug 2021 04:09:18 GMT
sw.js
shrinke.me/
96 KB
38 KB
Script
General
Full URL
https://shrinke.me/sw.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4012e9491f341f35778b5a6ef11d3e3f2110ccdb8023dd9c28129ba6c5417d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/sw.js
pragma
no-cache
cookie
lang=en_US; AppSession=218d3f92ce9391439799bd5fa6f193a0; csrfToken=9494f47dc76c42c4e797ef5720f5967c4b5fc2c9d80f8abd83df5353dc500f417ef058ab2a238302acea84993cea2c9d66a8a74e1bd72d9c8da0c4da81fec7a6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shrinke.me
referer
https://shrinke.me/GCyfBiO5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/GCyfBiO5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1347731
cf-polished
origSize=98240
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"17fc0-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzmilxksrjQxHIvwyjHPMPBya89L4qZTQRaxnRn72Mshu4MhClwh6A7E3COZaQ0BgzgHiexVvQePOb%2BdR7q5N7xiu%2BCCtExQUFSr1WjNPqRMkXpP8iK1Olt8B69Lg9Dze%2BUIDzjgJIJ9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
67bad206bf31d6d1-FRA
expires
Mon, 23 Aug 2021 04:09:01 GMT
/
d1r90st78epsag.cloudfront.net/
284 KB
94 KB
Script
General
Full URL
https://d1r90st78epsag.cloudfront.net/?etsrd=792297
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.194 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-194.zrh50.r.cloudfront.net
Software
/
Resource Hash
316c5f71e9bd86f30b3461e812e5cee1e390739aec64a4861ba57e3af8e1eb05

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
gzip
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
95977
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
x-amz-cf-id
O9WOj7AsTeD-xtuoBXkEFk1CiOpIPRyf7m7lPtx-rENB_fLvhoLFIA==
logo-sm.webp
shrinkme.io/
31 KB
31 KB
Image
General
Full URL
https://shrinkme.io/logo-sm.webp
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3939752
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
31236
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"7a04-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JKqiSLOQxie%2FXS%2Fp13mn%2FjwxBjoNc%2FitEGE7%2BZ5FULqPzE3SMTNXs8Ji9fUYGBHymeh6e%2Ber4ZOslLdDKmLTZiBKCxS2E7AiKZHnK%2Bn4yzZoq2XUm%2F0tspYEq7OVZvwjCXvKEVQprtQUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
67bad208e9172c01-FRA
expires
Fri, 24 Jun 2022 04:08:42 GMT
23826
coccusadmanlob.com/t3tgUSTlRzMe6Sv/
0
0
Script
General
Full URL
https://coccusadmanlob.com/t3tgUSTlRzMe6Sv/23826
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.6.123 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
qJpGKf7.png
shrinkme.io/
7 KB
7 KB
Image
General
Full URL
https://shrinkme.io/qJpGKf7.png
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab53c20e7edb761a57f6969dc83a7c0cbeea6982f70a552426d48da024e74eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3939293
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7090
x-xss-protection
1; mode=block
last-modified
Thu, 24 Jun 2021 04:13:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1bb2-5c57b3dc02ddc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBAbniW1Vzg1kQWN%2BgPsTI7Wc0876a1KWVTLGy8GCK7t16Xl3YKLdwScAbJo12hozEyKvBEiUxWewncRWGe58aQsIG3LQxWjWbWNQlx%2BIvs%2BmN4v%2Fnez7%2FgBBcA325uZJwOa0T6W0NT7iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
67bad20b0eb02c01-FRA
expires
Fri, 24 Jun 2022 04:16:21 GMT
async.js
cdn.adtrue.com/rtb/
7 KB
3 KB
Script
General
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
age
1426766
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad20a181f2b29-FRA
expires
Mon, 18 Jul 2022 06:11:48 GMT
email-decode.min.js
shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
lang=en_US; AppSession=218d3f92ce9391439799bd5fa6f193a0; csrfToken=9494f47dc76c42c4e797ef5720f5967c4b5fc2c9d80f8abd83df5353dc500f417ef058ab2a238302acea84993cea2c9d66a8a74e1bd72d9c8da0c4da81fec7a6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shrinke.me
referer
https://shrinke.me/GCyfBiO5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/GCyfBiO5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 10:50:45 GMT
server
cloudflare
etag
W/"610bc285-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPq3k%2BDIRjG7eCUK%2FB%2F8zNLdcbdSOKn4w%2BJnbBS5MYW5wwmbweDQth6OCRCH5%2F25DzZVgSNM8I1D7gC%2FA%2BGavMlwWgkndrE8ToPLuX%2Bw3P9dIFltYrvikV6XwZgrMkArlIYGs8Hwnaf9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67bad2088ae1d6d1-FRA
vary
Accept-Encoding
expires
Tue, 10 Aug 2021 18:31:14 GMT
ads.js
shrinke.me/js/
190 B
770 B
Script
General
Full URL
https://shrinke.me/js/ads.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/ads.js
pragma
no-cache
cookie
lang=en_US; AppSession=218d3f92ce9391439799bd5fa6f193a0; csrfToken=9494f47dc76c42c4e797ef5720f5967c4b5fc2c9d80f8abd83df5353dc500f417ef058ab2a238302acea84993cea2c9d66a8a74e1bd72d9c8da0c4da81fec7a6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shrinke.me
referer
https://shrinke.me/GCyfBiO5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/GCyfBiO5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1347770
cf-polished
origSize=191
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"bf-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBAcYTcYTyTv62t8%2BGup9pg7X29czFr%2Fq6Ful5hQ%2FZuxIjjdBO%2Fal399NH%2BZ4%2BIl47WzESW4NNKE7lQ01kb6qbyA%2Fm32BOVTV3ht6DfUZuVmPNCCQ0x67cP39IXEma2egmqRKtIAfhBt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
67bad2089b07d6d1-FRA
expires
Mon, 23 Aug 2021 04:08:24 GMT
rocket-loader.min.js
shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
cookie
lang=en_US; AppSession=218d3f92ce9391439799bd5fa6f193a0; csrfToken=9494f47dc76c42c4e797ef5720f5967c4b5fc2c9d80f8abd83df5353dc500f417ef058ab2a238302acea84993cea2c9d66a8a74e1bd72d9c8da0c4da81fec7a6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shrinke.me
referer
https://shrinke.me/GCyfBiO5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/GCyfBiO5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 10:50:45 GMT
server
cloudflare
etag
W/"610bc285-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cp9YmhZMx3xIWkUxUhzHZrzikPaPaNQsb%2B6D0Ckuz30uiGYy5ItDBB3nmYTPl95%2FoZUlDih0HcgfIUpcoL5Uf8k6wo4l0h9Qb%2B7ku%2Bpv55z8ZKOnVPgV9bPctwxbPVXQybwpvUX1x2bK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67bad209ed40d6d1-FRA
vary
Accept-Encoding
expires
Tue, 10 Aug 2021 18:31:14 GMT
ZW5RV2MeTCIgPBAcPXVZRwYlIxMWVH54EA0cODkIAEA8MkwWGX89EEdCcyQOA0xrZk9HGjAwPAwKc21BUldjZVpcTH11EBAMDj4HV0xrdQVUCGI0WgRdfGABUFZ8Y1EGV3xvVgBefDNaBFhoNlBRXTVmWkcT
leaderhistliness.info/
56 KB
21 KB
Script
General
Full URL
https://leaderhistliness.info/ZW5RV2MeTCIgPBAcPXVZRwYlIxMWVH54EA0cODkIAEA8MkwWGX89EEdCcyQOA0xrZk9HGjAwPAwKc21BUldjZVpcTH11EBAMDj4HV0xrdQVUCGI0WgRdfGABUFZ8Y1EGV3xvVgBefDNaBFhoNlBRXTVmWkcT
Requested by
Host: shrinke.me
URL: https://shrinke.me/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.237.125.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-125-12.compute-1.amazonaws.com
Software
/ Express
Resource Hash
1e7c8a0e88450288feb2432665b99b1c2229e5a82f2baf311f765ded1727c3ce

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"df66-T45olJXK7nI1ZaaYLJ/SA29Or0A"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
header9.webp
shrinkme.io/
127 KB
128 KB
Image
General
Full URL
https://shrinkme.io/header9.webp
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3939752
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
130482
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1fdb2-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FKYKc87D8ieqaR2bYYDr5S2zMRUv4YGyXngRJWlS1RsZcdB0ykIeWwZbwi7IP60zOTEqH2YiVAmcWOwSbqmh%2BCWxn0cCZnKAUpfGji7kEs8j%2FMX5RgC4xcDw3AOWM6HlApU8ubBDOmb4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
67bad20bc88d2c01-FRA
expires
Fri, 24 Jun 2022 04:08:42 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v17/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v17/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:06:47 GMT
x-content-type-options
nosniff
age
181467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:50:06 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:06:47 GMT
fontawesome-webfont.woff2
shrinke.me/modern_theme/build/fonts/
75 KB
76 KB
Font
General
Full URL
https://shrinke.me/modern_theme/build/fonts/fontawesome-webfont.woff2
Requested by
Host: shrinke.me
URL: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://shrinke.me
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
lang=en_US; AppSession=218d3f92ce9391439799bd5fa6f193a0; csrfToken=9494f47dc76c42c4e797ef5720f5967c4b5fc2c9d80f8abd83df5353dc500f417ef058ab2a238302acea84993cea2c9d66a8a74e1bd72d9c8da0c4da81fec7a6
:path
/modern_theme/build/fonts/fontawesome-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
shrinke.me
referer
https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://shrinke.me
Referer
https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6145
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
77160
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"12d68-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FwQYEAew8e7vnWUvaEPrTxX654AU8cLKtTynNymwzsySRG2o9RuYJq33Le1%2FHy3Po51eY2V7VnSlkpwMfXwk4VLoAZoK1L%2FzKtVaQI7wpSsx3LLv9FaS9wTSqYVEbDnGmCT%2FnqHRxEQ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67bad209ed47d6d1-FRA
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 13:52:14 GMT
x-content-type-options
nosniff
age
448740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 13:52:14 GMT
api.js
www.recaptcha.net/recaptcha/
921 B
1017 B
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f26fda8be8cb722766cf71884315d5d0d418e59a3352f0345d01c57e4013ec0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Sun, 08 Aug 2021 18:31:14 GMT
script.min.js
shrinke.me/modern_theme/build/js/
202 KB
61 KB
Script
General
Full URL
https://shrinke.me/modern_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/modern_theme/build/js/script.min.js?ver=6.4.0
pragma
no-cache
cookie
lang=en_US; AppSession=218d3f92ce9391439799bd5fa6f193a0; csrfToken=9494f47dc76c42c4e797ef5720f5967c4b5fc2c9d80f8abd83df5353dc500f417ef058ab2a238302acea84993cea2c9d66a8a74e1bd72d9c8da0c4da81fec7a6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shrinke.me
referer
https://shrinke.me/GCyfBiO5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/GCyfBiO5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1347742
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"32956-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKsVcXhc9E4AuVM%2Fo0%2BxP4vGcQT%2BWUlDgVngzghh0EBzPiYBDUlimkPHyjdsmHbnKY6SD10osrVGsbqSONPqDIYMB8wYqqqHikwnMemOSPZNPzaOccX51lyxmisRLwv4GfUT4P6R8FCG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
67bad20a1d9dd6d1-FRA
expires
Mon, 23 Aug 2021 04:08:52 GMT
1844b8e470c024a415cff51a0843d71c.js
praiserevision.com/18/44/b8/
0
0
Script
General
Full URL
https://praiserevision.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 Aug 2021 18:31:14 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
services.vlitag.com/adv1/
932 B
1 KB
Script
General
Full URL
https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa0052761d94972744b2257a728eb6cdba64424d842024356e173569e15ec20
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 8 Aug 2021 18:31:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KN8KpfgtA%2FNRK5HVd1oIjmswGFX9Du7%2FHLyupwQLfkqWqY3OAOhBgejXKxXE00t5F9PJ7Qae43TAJu0YqaYJqqGT7E%2FMhIftKTQBG%2FN61%2BJ8aaitrD4bz2pAXvg7uWor9wUimf2QTtBpDNaBrEk3%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
67bad20a4fce4ea9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
on, 01 Jan 1970 00:00:00 GMT
jquery-2.2.4.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:24:41 GMT
server
nginx
etag
W/"573f4859-14e4a"
vary
Accept-Encoding
x-hw
1628447474.dop242.fr8.t,1628447474.cds287.fr8.hc,1628447474.cds130.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
js
www.googletagmanager.com/gtag/
100 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137383949-1
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b67db62e7dee9a7348578cca072ea6ce8add417bea88d6c4886c4187dbdc6bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40794
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 18:31:14 GMT
GCyfBiO5
shrinke.me/
20 KB
20 KB
Image
General
Full URL
https://shrinke.me/GCyfBiO5
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8784 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/GCyfBiO5
pragma
no-cache
cookie
lang=en_US; AppSession=218d3f92ce9391439799bd5fa6f193a0; csrfToken=9494f47dc76c42c4e797ef5720f5967c4b5fc2c9d80f8abd83df5353dc500f417ef058ab2a238302acea84993cea2c9d66a8a74e1bd72d9c8da0c4da81fec7a6
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
shrinke.me
referer
https://shrinke.me/GCyfBiO5
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shrinke.me/GCyfBiO5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67bad20a1da1d6d1-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AQWKXjIC9Cjj8I5DnTvP3BsQsFY7Xofvu53HagnC9%2FiaBKFk3OJN6wK80DLABi1xLdqMATAwXsYxUFepuQA%2FQlm2VQhHcqM3E6OYYmk8aLxs814KMPyaHFnajCoaLoofJYassu1s48P"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex, nofollow
expires
Thu, 19 Nov 1981 08:52:00 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:08:54 GMT
x-content-type-options
nosniff
age
181340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:51:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:08:54 GMT
1844b8e470c024a415cff51a0843d71c.js
praiserevision.com/18/44/b8/
0
0
Script
General
Full URL
https://praiserevision.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 Aug 2021 18:31:14 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137383949-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
3280
date
Sun, 08 Aug 2021 17:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 08 Aug 2021 19:36:34 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1146335761&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&ul=en-us&de=UTF-8&dt=ShrinkMe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=331398466&gjid=1203130400&cid=840728518.1628447475&tid=UA-137383949-1&_gid=2126817717.1628447475&_r=1&gtm=2ou840&z=1724071898
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
84 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-137383949-1&cid=840728518.1628447475&jid=331398466&gjid=1203130400&_gid=2126817717.1628447475&_u=YEBAAUAAAAAAAC~&z=2044726618
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 Aug 2021 18:31:14 GMT
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-137383949-1&cid=840728518.1628447475&jid=331398466&_u=YEBAAUAAAAAAAC~&z=1574645446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-137383949-1&cid=840728518.1628447475&jid=331398466&_u=YEBAAUAAAAAAAC~&z=1574645446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impress
exchange.adtrue.com/delivery/ Frame C9A7
4 KB
5 KB
Script
General
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/GCyfBiO5
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.192.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-192-77.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
498fd27eb6dc4514f79d6a0e0f8ac0a2743600d36313d087a0af349b9c918c1b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
server
nginx
x-adtrue-instance
java2
content-length
4578
content-type
application/javascript
impress
exchange.adtrue.com/delivery/ Frame CE66
4 KB
5 KB
Script
General
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/GCyfBiO5
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.192.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-192-77.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
12a0241564451caa4b0a2500a7bcaa051fa8cd696faed6093a59eefa9e9a0885

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
server
nginx
x-adtrue-instance
java1
content-length
4578
content-type
application/javascript
/
services.vlitag.com/uv/
13 B
699 B
XHR
General
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&mtk=8509
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 8 Aug 2021 18:31:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SwG7M9wfid63%2Fq1RGEN934JptYRQNjVSm56q8RMATXypntzkpQDPQ807SPLK3QraOoKwJhE6HtD%2BeneM1SjsOYmxEkdmKhHIPrpNdAB7P2AgpqEZdm1OsEzHYjaLOtn1%2FPiJdd1rNA0NDbFdJwomc8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
67bad20eeb4b4303-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
b696d0f5c06dbd9fd83feb568718537b.js
tag.vlitag.com/v1/1628227860/
515 KB
126 KB
Script
General
Full URL
https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47059f27d3b042ffc3ac44b10d8b46ebd23f445e90560873c9921f4cb5271d39
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
219600
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWbvwkQbCt%2B7EQCDo0zvGQ6YGsRMWyKl0RbSWKpbbYSyUiLS3ye2FziL4pZ1lLYTtJVrJjo9hIr%2B36JiCInKe%2F9fB46jEwAfmSDHD%2BP1wY3GHfz96BllkXOcUBfRFvki04Wiao4AQlSozDpX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67bad20eebbe4ea9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://shrinke.me
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 13:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135980
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 02:15:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 13:56:16 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 4679
40 KB
20 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=normal&cb=ieen4hiuyj1q
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed6812a9b0a0d9bc15794d380ecf3dc0083b76fadb2f6ebb15b40538ea358ffc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p89wgf224yh9PJkyaqQVAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.recaptcha.net
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=normal&cb=ieen4hiuyj1q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 08 Aug 2021 18:31:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-p89wgf224yh9PJkyaqQVAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20786
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cmp-v2.0.1.js
assets.vlitag.com/plugins/cmptcf2/
267 KB
72 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1285506
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bcg%2FLmSWMYCvdIyGrbUDcXmMKtFrwSemlqvYfbQjmUb%2B7A8T1ULtPU539yuiyr3SEBs9SImo6KgwxuSWRuiCd4Zi%2FSOGkQpEXNz%2FRfd0YilPR%2FAPT6cOvkjf1n9D%2FuAyzezzUdQOK0MlodwDRoTJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
67bad20f9db84ea9-FRA
expires
Sat, 24 Jul 2021 21:56:09 GMT
prebid-v5.5.3.js
assets.vlitag.com/prebid/default/
442 KB
130 KB
Script
General
Full URL
https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ce288c7515b31536e66d76bba32b7dc54eef765d3a31be56b2a13842b1335b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
871405
cf-polished
origSize=453257
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Thu, 29 Jul 2021 16:27:43 GMT
server
cloudflare
etag
W/"6102d6ff-6ea89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnlQkWOEDrsbkpkKtlG37AwDBPSJl2GWMo3KEcm0PRe5tFdeQDfyMscZYYiT%2FRfkzGAyAmcwSmmjcI9%2F5RUVKkOgpzDzWqy%2F8cGZjRj9u9TnRolvmfARQ27Kl1%2B6YN7cf1yd8U8f9M36KA6zGpXT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
67bad20f9db04ea9-FRA
expires
Thu, 29 Jul 2021 16:57:50 GMT
gpt.js
www.googletagservices.com/tag/js/
71 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69cb8af6bcbd3ef6bf3ec3d81ec444a6f92975840bb6c1f83fbd5097f80dd516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"953 / 964 of 1000 / last-modified: 1628287704"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24935
x-xss-protection
0
expires
Sun, 08 Aug 2021 18:31:15 GMT
viPlayer_v47.min.js
assets.vlitag.com/plugins/vlPlayer/
14 KB
5 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v47.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820940626c8b0ea4d61278c472b9f3f4b02358cbba4c85c0bb22c1d14584b806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1159945
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Mon, 26 Jul 2021 08:09:01 GMT
server
cloudflare
etag
W/"60fe6d9d-3700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AscduHlQi70aWvbYgEsqrTqWMyPvMN8aBJeRrt5l3t9Qp2PTe6RdFT7T2Pr5aQZxNGlvoSMlXed0brauh5ErHJkbVne3W%2BDoOF8ohaJURchwEI4PPWY5IxNgXDsnUhsfs%2B6QCh%2FrpAZcFUHo8I%2F4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
67bad20f9db44ea9-FRA
expires
Mon, 26 Jul 2021 08:48:50 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
340 KB
117 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Sun, 08 Aug 2021 18:31:15 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/
38 KB
17 KB
Script
General
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2080178
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VapO1ZTNW1OQg9VhvmmR4QLWz6m7EtDhycTQMMi595MCgaehUlLXmvW1ZQKd%2Fi6yCx6LMcqEKbGWh7OaQNx3ua9ElaiNernj8jeyAkWohlLplpGUp4AH3kX%2FCP0hVDfnRMi5qerA%2B%2F%2BGR2%2FmbTYu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
67bad20f9dba4ea9-FRA
expires
Thu, 15 Jul 2021 17:11:37 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 4679
52 KB
52 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=normal&cb=ieen4hiuyj1q
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:07:42 GMT
vary
Accept-Encoding
last-modified
Mon, 02 Aug 2021 02:15:08 GMT
server
sffe
x-content-type-options
nosniff
age
181413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52867
x-xss-protection
0
expires
Sat, 06 Aug 2022 16:07:42 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 4679
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=normal&cb=ieen4hiuyj1q
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 13:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135980
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 02:15:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 13:56:16 GMT
pubads_impl_2021080301.js
securepubads.g.doubleclick.net/gpt/
325 KB
114 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
428f71e1b03adf42ada780217e07a5ebbad73a5c7843502197e3eece8764adbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 08:37:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116108
x-xss-protection
0
expires
Sun, 08 Aug 2021 18:31:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
29 B
702 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shrinke.me
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
5c0c27a6374a3e00135c48696af6bb25a95a4c10c5bc1197602514eda85c4e3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45
x-xss-protection
0
expires
Sun, 08 Aug 2021 18:31:15 GMT
truncated
/ Frame 4679
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4679
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4679
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:00:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
498645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Tue, 10 Aug 2021 00:00:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4679
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=normal&cb=ieen4hiuyj1q
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.recaptcha.net
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 21:27:21 GMT
x-content-type-options
nosniff
age
507834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 21:27:21 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 4679
102 B
132 B
Other
General
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f9fb02852dda1e5714cdaed5afa720c8b3a12e5ac59744bb303ce601c280dd23
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&size=normal&cb=ieen4hiuyj1q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 08 Aug 2021 18:31:15 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210808
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e9fa1458cee601bf31e0fd98cfbd5aed2135a7be7d92e09e8a4bb11a6daf705a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
12008
x-jsd-version
1.0.1063
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
922
etag
W/"694-Qv/IGuGXRj3yFODN+E8qEnDmtD8"
x-served-by
cache-fra19144-FRA
x-jsd-version-type
version
date
Sun, 08 Aug 2021 18:31:15 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ROS
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&v...
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5...
633 B
1 KB
XHR
General
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
bc93ec4acda15bc8ea75b646b93c19a1061183082be11f2694af5e34a2797b4e

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Sun, 08 Aug 2021 18:31:15 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
633
x-sid
AMS-745

Redirect headers

date
Sun, 08 Aug 2021 18:31:15 GMT
server
openresty
access-control-allow-origin
https://shrinke.me
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-745
c
prebid.a-mo.net/a/
0
375 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
32
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
quantumdex
useast.quantumdex.io/auction/
0
360 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJN%2F4Fv3BlQ0DPT8SUTW4DLZOI%2Bpy6tdp5fpXXXJm9xEZAtNntx06LcGc623ZOpoCLjP4uC5HZdkF4JevheCJplfSHSZXFGIU8pJixNK50MP11p29epRQXbnCM0Qr6b84t3VGaJ4olMQziYw4doHGfEl"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
67bad2111b074a79-FRA
prebid
ib.adnxs-simple.com/ut/v3/
145 B
826 B
XHR
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f1bc6be6ac3b442e6bc21a373a90f03b91c2a397b10f59d6005e1e7581bd0757
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:15 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
c2608d03-2a6b-48d4-8474-1f037a142c75
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
0
183 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=7074793807
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:14 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
quantumdex
useast.quantumdex.io/auction/
0
627 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fK0gaJD8X2KuqsCH%2B4Klepz4EETVJmQN2QvdyenkPCk34sPukIA%2Bcb9bxkdJA0XbbTEBYH4%2Fu%2Bjmwu%2BxqeZ43Cgl7N1YTg5cDVLGDcbyw4IMb8t3xLbpQfuvlwDcQcG4hy9ro08keDuGop%2FqSLy9%2FXJf"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
67bad2111b0b4a79-FRA
prebid
ib.adnxs-simple.com/ut/v3/
145 B
826 B
XHR
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
fcf2c324c7e0df2afc5c8f89d9885a0ac4084b6b148f7ec1e9644a922be8d0af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:15 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
2c11f740-b4a7-4fdb-a7a1-683da12fe5d6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&v...
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5...
633 B
1 KB
XHR
General
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
bc93ec4acda15bc8ea75b646b93c19a1061183082be11f2694af5e34a2797b4e

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Sun, 08 Aug 2021 18:31:15 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
633
x-sid
AMS-745

Redirect headers

date
Sun, 08 Aug 2021 18:31:15 GMT
server
openresty
access-control-allow-origin
https://shrinke.me
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=320x50_0%3A320x50%2C320x100%2C300x75%2C300x31%2C300x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-745
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/
0
260 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:14 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
37
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/
0
183 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=72180489551
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs-simple.com/ut/v3/
262 B
943 B
XHR
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
483f51595595548a0a790f04097c3785cb6ebbd0c82f7fb1aff68b2de8df299e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:15 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
057e1a31-389a-4448-9f5c-397c37f26bca
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
235 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:14 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
50
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
quantumdex
useast.quantumdex.io/auction/
0
360 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQN994cokSiGj5%2Br1o8DG3gMcMYJeof80wN2M9blj1epxkC%2BXL5e97F%2Fxp2qewQT4UPd1P1OasCe89RfnRNB6TV7y0sFLImSQT1zYjPm%2FH8buEjTDSLL2FrWthC2cl1FlAj0zFhiee82XJ4GLyO2zCB7"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
67bad2111b0e4a79-FRA
ROS
ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.3819245742871993&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fsh...
  • https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%...
633 B
1 KB
XHR
General
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
6f25e6ddd41a6aa77b01957fbc25460159fa5bc55bad125d817199ee89b0b13e

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Sun, 08 Aug 2021 18:31:15 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
633
x-sid
AMS-745

Redirect headers

date
Sun, 08 Aug 2021 18:31:15 GMT
server
openresty
access-control-allow-origin
https://shrinke.me
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.3819245742871993&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-745
cdb
bidder.criteo.com/
0
183 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.5.0&cb=25073787443
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:14 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
1592801729.jpg
assets.vlitag.com/widget/2020/06/22/
74 KB
75 KB
Image
General
Full URL
https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182170
cf-polished
qual=85, origFmt=jpeg, origSize=103053
content-disposition
inline; filename="1592801729.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
75514
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Mon, 22 Jun 2020 04:55:29 GMT
server
cloudflare
etag
"5ef039c1-1928d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRRxbbGgW5347%2BnZDax%2F6uwWUb6JbpIdY%2FbtpCRY%2FUaL0yv6F4oJp8h5%2FoEvHgFSZQ3WFRDxk2OGeAehpz5xB2F%2BNG1OlFoE6hommoN7t3bB2z6zLOCMWIDaJhqxPwxCCkGLFZK7kw23xwHPSbC5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 06 Aug 2021 16:25:05 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
67bad2113c6fd709-FRA
cf-bgj
imgq:85,h2pri
bframe
www.recaptcha.net/recaptcha/api2/ Frame 63D6
7 KB
1 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&cb=rjr7mi1iz6k4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
963f954f0dba1a92bbbd2ab59fbbd8888af7ebf48ed74ef8360e2143e216157d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OuAzc4HsB+jCmGwtqiYvUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.recaptcha.net
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&cb=rjr7mi1iz6k4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 08 Aug 2021 18:31:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-OuAzc4HsB+jCmGwtqiYvUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 63D6
52 KB
52 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&cb=rjr7mi1iz6k4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:07:42 GMT
vary
Accept-Encoding
last-modified
Mon, 02 Aug 2021 02:15:08 GMT
server
sffe
x-content-type-options
nosniff
age
181413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52867
x-xss-protection
0
expires
Sat, 06 Aug 2022 16:07:42 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/ Frame 63D6
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDRwZ7RcROX_wCxEJ01WeqEX/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=RDRwZ7RcROX_wCxEJ01WeqEX&k=6Le-t1wbAAAAAILqrSPUS9KfpdvbIgavLmFzii2J&cb=rjr7mi1iz6k4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 13:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135980
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 02:15:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 13:56:16 GMT
prebid.js
cdn.adtrue.com/pb/ Frame C9A7
257 KB
82 KB
Script
General
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
12000579
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad2126c482b29-FRA
expires
Thu, 17 Mar 2022 21:01:36 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame C9A7
250 KB
78 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 10:00:55 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3e6b0-5c21f162d696a"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=91254
accept-ranges
bytes
content-type
text/javascript
content-length
78804
expires
Mon, 09 Aug 2021 19:52:09 GMT
ga.js
cdn-adtrue.com/track/ Frame C9A7
751 B
999 B
Script
General
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11198284
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 01 Apr 2021 03:35:26 GMT
server
cloudflare
etag
W/"60653f7e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEoMk03DJq0qs5pJp5xzrXB8bvHt%2BOjAKkE0hHNEzeKNlptqW23zT7mElXwpAmZXSY9N4LIseadKmu0EohiktbRttNesvs2qeFjMv9tf0AE5KYaLFOwpb2wyyIUHNa9GYyi5ng%2B3WYFnOtQbSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad212ad251f55-FRA
expires
Sun, 27 Mar 2022 03:53:11 GMT
cdb
bidder.criteo.com/ Frame C9A7
0
183 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=10319383295
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:14 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame C9A7
143 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ffe01baa3dc60c1d909f76ef6d6568e8c57436ac9f7239e73b26ddfccf578be6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:15 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4ee49432-553a-447c-bd2e-28871cc51783
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame C9A7
0
112 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid.js
cdn.adtrue.com/pb/ Frame CE66
257 KB
82 KB
Script
General
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
12000579
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad2137ef32b29-FRA
expires
Thu, 17 Mar 2022 21:01:36 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame CE66
250 KB
78 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 10:00:55 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3e6b0-5c21f162d696a"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=91254
accept-ranges
bytes
content-type
text/javascript
content-length
78804
expires
Mon, 09 Aug 2021 19:52:09 GMT
ga.js
cdn-adtrue.com/track/ Frame CE66
751 B
1008 B
Script
General
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=300&adHeight=250&loc=https://shrinke.me/GCyfBiO5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11198284
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 01 Apr 2021 03:35:26 GMT
server
cloudflare
etag
W/"60653f7e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbgDeG2m7REmx6nU17LlG16QvbyAtes%2BYEK07sXU0ni%2B2gXyqtL1gP8xO09b5Og4AJZV1q7Y2hxsVtHkenNQrK9pzOrOqjRa7v6iuZ6PA4ElhVs%2B3z4gtaF37QkrZQUkDzthcAEhBFj1YmzPIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad2139a272bf6-FRA
expires
Sun, 27 Mar 2022 03:53:11 GMT
/
tag.vlitag.com/passback/ Frame E2C6
402 B
870 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1628227860&d=8509&z=29441&divID=vi_850929441_934&w=320&h=100
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6263f35dcb57865abc7bb83ca17b3bf6b561f7866e26136b27c9d8e4267a8991
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
215396
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XbFkKoVCi%2FxvAvjCp8T1E46Gtkd3nvSCQiNhtKs8aHD8k%2BsoZO%2Bq%2B1Qc3Lj3opVQvM7FVEmYY7wrAAA0h5XAmlLvnjhoEL3Bs8qR5ir0IQRjPvzy%2FMVzGrK8o8OMDjYY%2BoPAbPe%2BUK2usLr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67bad213c977d709-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.vlitag.com/pi/ Frame E2C6
0
518 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNZABYwPeT-PPMP-PPeP-MZUB-BTyUatAAAKZwRzNhqllwqe0RrNMZAaRmNYaPPTRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDNvNOYM0Vw0UAdO77slrnhYnbRrbCnLiT79Df420xQ9UzCHPJ7vhTbmV81tw21W2an7AJTUE8fCjrg4NyOzW2IaGKUzuCbKHzDtp%2FiB3mWIBGCeI6qSn4Np1F0ju2CK6My0XygyhwihVM8%2FCww%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
67bad213d8c44ea9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
/
px.vliplatform.com/bi/
0
270 B
Image
General
Full URL
https://px.vliplatform.com/bi/?e=zdNKYUqUtyt-aYUA-PUqt-wMAe-yAattTMTAyPYRrNMZAaRmNYaPPTRrtNheRlmNBYAbTAARdzNwqfftkRkjmNBYAbZA,BYAbTAA,BAAbKZ,BAAbBT,BAAbTAARwlNjxqfzxdrtb,qhhftbxl,ekoztg,kzwigxlt,thsqffofu,qdbRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2U3c38%2B4zjsWBgVLYAmP4J6%2FMVF6pcV9C987YpHKlNBpXMo3WEzqeIgDzPvBrLiMSrwhN1tEnjGd8AaNa4rRovpk9eFW7jZ12q66x%2BcltzQBlIMtzFbRg43JFm7j%2FDMPL3jepc%2FqwmjkcQpWLdwWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
67bad213e8370625-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
tag.vlitag.com/passback/ Frame 6A85
402 B
872 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1628227860&d=8509&z=29441&divID=vi_850929441_377&w=320&h=100
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6263f35dcb57865abc7bb83ca17b3bf6b561f7866e26136b27c9d8e4267a8991
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
140995
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyE9RsU6nwDR79SQVN%2BJfTGpLFCWPwtMhC24G5MPI6CxBH%2BEYM9%2BMIsg%2FUsKnI80u5gdpVqyrw3TEIblA6Cpqh%2Fr8wv%2B7l8b8R2oT3oIRkIK%2F8cMzfF6bQK7BJp6gf0B%2BaYlU0yPaucHMslB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67bad213d990d709-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.vlitag.com/pi/ Frame 6A85
0
285 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNwZtraeaw-wUeP-PKZB-wUay-wYaKUyYyBTBqRzNhqllwqe0RrNMZAaRmNYaPPTRrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGP2aOjcnx3cLCEmq52zAldLqzr2dIgBC1Pp9%2BzCZbhTcgoXcpqNgp9HMl%2BgrYqPrD6KdGgLvuV1CQw9B84YzLXaEi%2BQx22SFdJ8RJUD%2BSRUv4iabqKqgnOhkeyiKXdpR0AlG4RaCZV0dpaTeec%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
67bad213d8c14ea9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
/
px.vliplatform.com/bi/
0
603 B
Image
General
Full URL
https://px.vliplatform.com/bi/?e=zdNAUKKataB-UPqA-PTUP-qwYT-YKBTAPZZryqtRrNMZAaRmNYaPPTRrtNheRlmNBYAbTAARdzNwqfftkRkjmNBYAbZA,BYAbTAA,BAAbKZ,BAAbBT,BAAbTAARwlNjxqfzxdrtb,qhhftbxl,ekoztg,kzwigxlt,thsqffofu,qdbRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLiBJYCEu027UVz5R7kyEfF%2BX8y3agwstQsIO4KnQRxgr8w7aorYf9s7BG84ZfRqyJKO%2BzVFyxSZlyay7jdE8O3sFw90NmAxkmDYddOCrCocvKUhdCazXzHG5DAv%2BLXtq%2BraBPU%2FZdehH0%2B4vOUobg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
67bad213e83c0625-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame BC40
100 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ba87f8a5c970ab84e696c450fa11c7d6bc63f71434d5d73341bbae42de021b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40816
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 18:31:15 GMT
js
www.googletagmanager.com/gtag/ Frame 953D
100 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1659c86f19c8ee53a722aa7bc4146c0d2ac148bd724729a194976d6f334e2100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40815
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 18:31:15 GMT
cdb
bidder.criteo.com/ Frame CE66
0
183 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=41240212542
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame CE66
142 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
5598861b0146b51bd9489756ea6cfdba65c835bc9e03ce712207be4861a37f98
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:15 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
af1e606a-09d5-44fb-ad56-4a1dca7a06ad
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame CE66
0
56 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
tag.vlitag.com/passback/ Frame 2A56
195 B
755 B
Script
General
Full URL
https://tag.vlitag.com/passback/?t=1628227860&d=8509&z=29440&divID=vi_850929440_855&w=970&h=250
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b65da7e1759e98a2f61c7c52b78089e03473fbfa1fe85e8891e3255cbbf9f5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
85474
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hL%2FtGYTZb8U1qiD7DCeP2uCIBjCec0j2jY3fr%2BGnww6VTvyq0XJHh8ll9tc5pSeQTbm62SUNYQCANZc2xvUcjiwovdKaaZEdAu%2F1nYdlZ1vnok57ydY0P7EuVKwWLe3TYQ2myFVF0x0fQbv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67bad213f9ead709-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
/
stats.vlitag.com/pi/ Frame 2A56
0
264 B
Image
General
Full URL
https://stats.vlitag.com/pi/?e=zdNUrraYKYe-MZyt-PBKe-MaMB-YqrPZrZawPTyRzNhqllwqe0RrNMZAaRmNYaPPARrtNRcsokty_orN
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DoHXeXZ5%2F9%2BjqfcUgojMTlQNUmQbJZ1CCH1b3cUomOV9etoqx7x%2FuBKmMZrbG3yfC%2FQlxdXA0Zm7v2sKxmBEhUsVxfr0nDhu13OXCQLcPh1QtiW9%2FkeG8Kh0yG3Ev49rREmdb9k3CWUaqojRAI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
67bad213f9394ea9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
/
px.vliplatform.com/bi/
0
273 B
Image
General
Full URL
https://px.vliplatform.com/bi/?e=zdNrYBKBTUU-AYqZ-Pqqq-wqaZ-ByeqeBUtyKUARrNMZAaRmNYaPPARrtNheRlmNaKAbYZARdzNwqfftkRkjmNKYMbaA,aKAbYZA,aKAbaA,PUMbUA,aKAbUU,aBAbTMA,aZAbaA,aUAbaA,KZAbTAARwlNjxqfzxdrtb,qhhftbxl,ekoztg,kzwigxlt,thsqffofu,qdbRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1V8AdhlZjYr0SPi1h5p9SfqftoPoPsoQfc04Exl9n3zM6Sq89QBe0D%2BBIGB5%2BAb9mrRTCa%2BJ%2FSoNFI1YWB0mMSqxAJ2EvNz%2BJvS69ElPMc8s%2FzZNyLvl%2Be9UzZ0WmK4e%2Bn7xRSuGtBrbBsdQ6dhbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
67bad213f8780625-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
/
px.vliplatform.com/bi/
0
268 B
Image
General
Full URL
https://px.vliplatform.com/bi/?e=zdNTYPUYwtt-BwZK-PMYy-wKAy-taPtMZaMwyUYRrNMZAaRmNYaPPARrtNheRlmNPPZbYZARdzNcortgRkjmNPPZbYZARwlNjxqfzxdrtb,qhhftbxl,qdb,ekoztgRwkNRswyNRws0N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:cf5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzotyf6e4W3zPKhd5tciJKc3y1HmodzJxovquotN9AHoODqQrMXQusapbdWqDk%2F005hFiWJ0SCAYjiLJcpCYU0emGOb4F1YVmdd3Eq5gZAQC97iTyRZGX3QSq9%2FKE23xc3GceuG%2F8Sl6o%2Bg%2Ft0O7MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
67bad213f87d0625-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
async.js
cdn.adtrue.com/rtb/ Frame E2C6
7 KB
3 KB
Script
General
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1628227860&d=8509&z=29441&divID=vi_850929441_934&w=320&h=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
age
1426767
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad214081c2b29-FRA
expires
Mon, 18 Jul 2022 06:11:48 GMT
async.js
cdn.adtrue.com/rtb/ Frame 6A85
7 KB
3 KB
Script
General
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1628227860&d=8509&z=29441&divID=vi_850929441_377&w=320&h=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
age
1426767
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad214081e2b29-FRA
expires
Mon, 18 Jul 2022 06:11:48 GMT
analytics.js
www.google-analytics.com/ Frame BC40
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4654
date
Sun, 08 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 08 Aug 2021 19:13:41 GMT
analytics.js
www.google-analytics.com/ Frame 953D
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-30
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4654
date
Sun, 08 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 08 Aug 2021 19:13:41 GMT
shrinke.me.992723.js
jsc.adskeeper.com/s/h/ Frame 2A56
2 KB
1 KB
Script
General
Full URL
https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1628227860&d=8509&z=29440&divID=vi_850929440_855&w=970&h=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15fa31d911abfe3d008c72c0297d8b80057085bee4b22ceb12322c225d43dc9d

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3903
cf-ray
67bad2153ed8ee0b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
724
x-amz-id-2
ec5yeFlbweSkMG+cU0TcHPdmrGJ/waB/Mh1OeqdnM0KbO5cob349gMZMnQBuzW3eL2NV3WVeDP0=
last-modified
Wed, 28 Jul 2021 15:50:07 GMT
server
cloudflare
etag
"c7f25f52e73e3e227f79e506ebd5e58f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
A5KNRNH637YK23AV
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 08 Aug 2021 22:31:16 GMT
impress
exchange.adtrue.com/delivery/ Frame 377C
4 KB
5 KB
Script
General
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/GCyfBiO5
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.192.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-192-77.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c183b97bb99d7df202a275214dc4d87fc96082c9093a8b63be2f6d8639500b25

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
server
nginx
x-adtrue-instance
java1
content-length
4578
content-type
application/javascript
impress
exchange.adtrue.com/delivery/ Frame 80A2
4 KB
5 KB
Script
General
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/GCyfBiO5
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.192.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-192-77.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c183b97bb99d7df202a275214dc4d87fc96082c9093a8b63be2f6d8639500b25

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
server
nginx
x-adtrue-instance
java1
content-length
4578
content-type
application/javascript
collect
www.google-analytics.com/j/ Frame BC40
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=738174175&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=651797032&gjid=339722290&cid=840728518.1628447475&tid=UA-128776493-30&_gid=2126817717.1628447475&_r=1&gtm=2ou840&z=1498525448
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame BC40
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=738174175&t=pageview&_s=2&dl=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=840728518.1628447475&tid=UA-128776493-30&_gid=2126817717.1628447475&gtm=2ou840&z=1375211525
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 05:29:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46928
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 953D
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=436541865&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&ul=en-us&de=UTF-8&dt=noBid_shrinke.me_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=shrinke.me&cm=noBid&cc=Default&_u=QACAAUAB~&jid=&gjid=&cid=840728518.1628447475&tid=UA-128776493-30&_gid=2126817717.1628447475&gtm=2ou840&z=337312161
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 05:29:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46928
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://shrinke.me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://shrinke.me
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1678
date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame C9A7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
  • https://mug.criteo.com/sid?cpp=nOnPRnxwN1lSTHNKY2FFU0ROT1hzc2dGeldUU0kxQU50M0Q0RGdycFV2ckg2cEszVGswYmVrMHh2T2crNkN2YlVJeVlkUUFzUGRKNE1OeUNzZHJtaElGay9JWVI4aU1USjZJTmxZVDNtOHk3bkRxUkw2VERnaElydmg5ZG...
345 B
604 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=nOnPRnxwN1lSTHNKY2FFU0ROT1hzc2dGeldUU0kxQU50M0Q0RGdycFV2ckg2cEszVGswYmVrMHh2T2crNkN2YlVJeVlkUUFzUGRKNE1OeUNzZHJtaElGay9JWVI4aU1USjZJTmxZVDNtOHk3bkRxUkw2VERnaElydmg5ZGJNNWdOWUZPeGxZblFvMXA3Y25ncHpzd0NQM3hhWlZjb3NOa3FQZzRUYVpuOW51TXV3RjVjV1BQd0NZZEN4am1keFZ2SUpsMjV6ekx5dDdDTnJNTGk0MHZSVWVhV3JQeFlVNGpZS0VpVVpYQjM4Z2JCZXlFPXw&cppv=2
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c95fe4316df13289039fb5ff162800ea01055e14832775f4e46389ee44d14fdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 08 Aug 2021 18:31:16 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2081
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 08 Aug 2021 18:31:15 GMT
location
https://mug.criteo.com/sid?cpp=nOnPRnxwN1lSTHNKY2FFU0ROT1hzc2dGeldUU0kxQU50M0Q0RGdycFV2ckg2cEszVGswYmVrMHh2T2crNkN2YlVJeVlkUUFzUGRKNE1OeUNzZHJtaElGay9JWVI4aU1USjZJTmxZVDNtOHk3bkRxUkw2VERnaElydmg5ZGJNNWdOWUZPeGxZblFvMXA3Y25ncHpzd0NQM3hhWlZjb3NOa3FQZzRUYVpuOW51TXV3RjVjV1BQd0NZZEN4am1keFZ2SUpsMjV6ekx5dDdDTnJNTGk0MHZSVWVhV3JQeFlVNGpZS0VpVVpYQjM4Z2JCZXlFPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1679
content-length
482
expires
0
passback.js
cdn.adtrue.com/rtb/ Frame ECF4
753 B
552 B
Script
General
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
12000257
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad21499e42b29-FRA
expires
Thu, 17 Mar 2022 21:06:57 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://shrinke.me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://shrinke.me
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1596
date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame CE66
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
  • https://mug.criteo.com/sid?cpp=IXaJq3xrQ3M4SVZmeWtVVkx3RjF4SmpMSjUxd2FtaWpOOVlTNkVlVDN3Wk1kL3pMUUxObjVQN2VIYitzZUxhN0h3dWhxdVQ0cEFRVElSVWRFYjk0YzNBYjdNa2lHaDVWS2dLQkEwN3hkWFFtaGZTbVkwTDRiR2VXempyMU...
340 B
598 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=IXaJq3xrQ3M4SVZmeWtVVkx3RjF4SmpMSjUxd2FtaWpOOVlTNkVlVDN3Wk1kL3pMUUxObjVQN2VIYitzZUxhN0h3dWhxdVQ0cEFRVElSVWRFYjk0YzNBYjdNa2lHaDVWS2dLQkEwN3hkWFFtaGZTbVkwTDRiR2VXempyMUg4cHpSdENPeEY0OUdjYzRSWk4yVi9MUDl6N1VxWWMrckNQelhFQVdLSmVyUGdXZ0ZiWlY0VW5uMEZlc2ovY3F2ZFpqSzNLY2tpeHB4dmZEdVdYeVhrRWw5ZjZwZWNMNTI2Z2xaUndZSGdxLzlPbmNvQllRPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d819fa7c289ca0b9d6215060c65c2c22b21ee1b4d29adf29af5204749179fce1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 08 Aug 2021 18:31:15 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1645
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 08 Aug 2021 18:31:15 GMT
location
https://mug.criteo.com/sid?cpp=IXaJq3xrQ3M4SVZmeWtVVkx3RjF4SmpMSjUxd2FtaWpOOVlTNkVlVDN3Wk1kL3pMUUxObjVQN2VIYitzZUxhN0h3dWhxdVQ0cEFRVElSVWRFYjk0YzNBYjdNa2lHaDVWS2dLQkEwN3hkWFFtaGZTbVkwTDRiR2VXempyMUg4cHpSdENPeEY0OUdjYzRSWk4yVi9MUDl6N1VxWWMrckNQelhFQVdLSmVyUGdXZ0ZiWlY0VW5uMEZlc2ovY3F2ZFpqSzNLY2tpeHB4dmZEdVdYeVhrRWw5ZjZwZWNMNTI2Z2xaUndZSGdxLzlPbmNvQllRPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2061
content-length
482
expires
0
passback
exchange.adtrue.com/tag/ Frame ECF4
299 B
490 B
Script
General
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20034&divid=184748674&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.192.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-192-77.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
dbdd2ee2a6245e818664984007dd3ca9eb31dff1d18b626efe873639a4e9ea55

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
server
nginx
content-length
299
content-type
application/javascript
passback.js
cdn.adtrue.com/rtb/ Frame EF41
753 B
485 B
Script
General
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
12000257
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad214ca792b29-FRA
expires
Thu, 17 Mar 2022 21:06:57 GMT
passback
exchange.adtrue.com/tag/ Frame EF41
432 B
622 B
Script
General
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20033&divid=1205704558&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.192.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-192-77.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a9d5e562f67ce6a69e1f874a2e8ca3efbca2f58d89a0cab3d3e7d45e571cdf41

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
server
nginx
content-length
432
content-type
application/javascript
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=nOnPRnxwN1lSTHNKY2FFU0ROT1hzc2dGeldUU0kxQU50M0Q0RGdycFV2ckg2cEszVGswYmVrMHh2T2crNkN2YlVJeVlkUUFzUGRKNE1OeUNzZHJtaElGay9JWVI4aU1USjZJTmxZVDNtOHk3bkRxUkw2VERnaElydmg5ZGJNNWdOWUZPeGxZblFvMXA3Y25ncHpzd0NQM3hhWlZjb3NOa3FQZzRUYVpuOW51TXV3RjVjV1BQd0NZZEN4am1keFZ2SUpsMjV6ekx5dDdDTnJNTGk0MHZSVWVhV3JQeFlVNGpZS0VpVVpYQjM4Z2JCZXlFPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
980
date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=IXaJq3xrQ3M4SVZmeWtVVkx3RjF4SmpMSjUxd2FtaWpOOVlTNkVlVDN3Wk1kL3pMUUxObjVQN2VIYitzZUxhN0h3dWhxdVQ0cEFRVElSVWRFYjk0YzNBYjdNa2lHaDVWS2dLQkEwN3hkWFFtaGZTbVkwTDRiR2VXempyMUg4cHpSdENPeEY0OUdjYzRSWk4yVi9MUDl6N1VxWWMrckNQelhFQVdLSmVyUGdXZ0ZiWlY0VW5uMEZlc2ovY3F2ZFpqSzNLY2tpeHB4dmZEdVdYeVhrRWw5ZjZwZWNMNTI2Z2xaUndZSGdxLzlPbmNvQllRPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
893
date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
vary
Accept-Encoding
prebid.js
cdn.adtrue.com/pb/ Frame 377C
257 KB
82 KB
Script
General
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
12000580
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad2158c2a2b29-FRA
expires
Thu, 17 Mar 2022 21:01:36 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 377C
250 KB
78 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 10:00:55 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3e6b0-5c21f162d696a"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=91253
accept-ranges
bytes
content-type
text/javascript
content-length
78804
expires
Mon, 09 Aug 2021 19:52:09 GMT
ga.js
cdn-adtrue.com/track/ Frame 377C
751 B
977 B
Script
General
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/GCyfBiO5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11198285
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 01 Apr 2021 03:35:26 GMT
server
cloudflare
etag
W/"60653f7e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NclAcHL%2ByquVAoNTQdQaLeh2vvzi3oscNMFtn5pmRVV1EJhQ7m50PfTQyGWJo3KrkFoX6QbsJLyl9PVVdO%2BT5j9mAoL2Gf6TD6XIewEzmPYRV6mbRw%2B2CT%2FBCXXPsV27fEGw9MxONk%2FjyPrAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad2158e532bf6-FRA
expires
Sun, 27 Mar 2022 03:53:11 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 80A2
257 KB
82 KB
Script
General
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
12000580
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad2158c3d2b29-FRA
expires
Thu, 17 Mar 2022 21:01:36 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 80A2
250 KB
78 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 10:00:55 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3e6b0-5c21f162d696a"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=91253
accept-ranges
bytes
content-type
text/javascript
content-length
78804
expires
Mon, 09 Aug 2021 19:52:09 GMT
ga.js
cdn-adtrue.com/track/ Frame 80A2
751 B
979 B
Script
General
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20036&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cb=888701602&timeZone=2&adWidth=320&adHeight=100&loc=https://shrinke.me/GCyfBiO5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11198285
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 01 Apr 2021 03:35:26 GMT
server
cloudflare
etag
W/"60653f7e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHZCreV5d6bezPYUH3xo8ukUkl8teT3E5bNtJuYujILfqm57ScKmGpFrE%2F8xUrn4HHL2H0JF24KT9PUTNp%2FQqVW9OUDMliUXJigD%2FDXi6CyqgBygCRpxBu66YKc%2Be18%2FESb5x%2F1QU3czulvPhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad2158e682bf6-FRA
expires
Sun, 27 Mar 2022 03:53:11 GMT
shrinke.me.992723.es6.js
jsc.adskeeper.com/s/h/ Frame 2A56
211 KB
61 KB
Script
General
Full URL
https://jsc.adskeeper.com/s/h/shrinke.me.992723.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04ffe5c9b1463ff5bb3f71a7917df53362d15f9b46e725a022d8d27acaa4712d

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4062
cf-ray
67bad21619f43a87-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
62255
x-amz-id-2
LMXaTs3ouLMETam9EvtLiS5adDuQjkfukdkl8/PKyLk/FPlKWazF6C5/iTIAdFgdeuBfr/fbBVY=
last-modified
Wed, 28 Jul 2021 15:50:07 GMT
server
cloudflare
etag
"87a638bf9c7e04f9f63efb5fd5b3c349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
XBTZXB8ZXRM7QNR4
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 08 Aug 2021 22:31:16 GMT
translator
hbopenbid.pubmatic.com/ Frame 377C
0
56 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 377C
0
183 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=22760964716
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 377C
143 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2ef1208b61e774ff154c60d7247934475417ebc72b7b058b26e55b2d2e716fce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:16 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
284969bb-df19-41af-ad2e-6d2eda8e106c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 80A2
0
56 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 80A2
0
183 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=40415967184
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:15 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 80A2
141 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
52a3c7a4fc58308b6f9a82e68ed560b1af864632a5aadf5945241666e14caeeb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:16 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
38fd825a-a018-452e-8c3e-47b3d1acc624
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
141
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adtrue.shrinke.me.994621.js
jsc.adskeeper.co.uk/a/d/ Frame ECF4
2 KB
1 KB
Script
General
Full URL
https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20034&divid=184748674&ref=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae8e1cf6149523af13027512ef8d0bf64dfe48eea30001f8945f4957abd693a

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
br
cf-cache-status
HIT
age
6293
last-modified
Tue, 27 Jul 2021 14:05:49 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
G2N7BKBJ7NCGN1NB
x-amz-id-2
nO1P0dSr1t48noL4zD/TTtTzwr8pNlaQi0JKmy3lo3EiaQ/8y3paiEKLakkDtguLzcZ4UT4RFR0=
cf-bgj
minify
server
cloudflare
etag
W/"0c465d2502fc9fddbdaf9404d93d2314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
67bad216ef7b1e91-AMS
expires
Sun, 08 Aug 2021 22:31:16 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://shrinke.me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://shrinke.me
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1681
date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 377C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
  • https://mug.criteo.com/sid?cpp=U0xTZnxLaU9iNUoxZkZOUk4vNi9MRy9vVWJTVVBMSWdJblphOElmRmRBQzI0MGd5bVd4YklGK3o5S1lPeURmMXllU2RtZ0xra05XdEhnWWFwT2tZbThCRWU1RlJVczNtOUpzdXVFQ3ZDcmpZblNpclZvVzMxRnJRZFFwM2...
355 B
605 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=U0xTZnxLaU9iNUoxZkZOUk4vNi9MRy9vVWJTVVBMSWdJblphOElmRmRBQzI0MGd5bVd4YklGK3o5S1lPeURmMXllU2RtZ0xra05XdEhnWWFwT2tZbThCRWU1RlJVczNtOUpzdXVFQ3ZDcmpZblNpclZvVzMxRnJRZFFwM2xiS25PTnI0am9MU3Qva1RqOHpBRW8zRjVQWklGWWlON2FnZHJBai82amo4L2lHK0hWeUJhWmVXQ2lCQXZTa3VjMGNMOGhNNmF3cUt0aDFPSUgrWXhaVUFjN2tZVy9YT2x0aVNVUEZrYm9UL3l4TElia0lZPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5b3424842e91177880f0cd341e3f9a980de96fadb3ec7dd11cda32d848505fd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 08 Aug 2021 18:31:16 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2081
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 08 Aug 2021 18:31:15 GMT
location
https://mug.criteo.com/sid?cpp=U0xTZnxLaU9iNUoxZkZOUk4vNi9MRy9vVWJTVVBMSWdJblphOElmRmRBQzI0MGd5bVd4YklGK3o5S1lPeURmMXllU2RtZ0xra05XdEhnWWFwT2tZbThCRWU1RlJVczNtOUpzdXVFQ3ZDcmpZblNpclZvVzMxRnJRZFFwM2xiS25PTnI0am9MU3Qva1RqOHpBRW8zRjVQWklGWWlON2FnZHJBai82amo4L2lHK0hWeUJhWmVXQ2lCQXZTa3VjMGNMOGhNNmF3cUt0aDFPSUgrWXhaVUFjN2tZVy9YT2x0aVNVUEZrYm9UL3l4TElia0lZPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1656
content-length
482
expires
0
invoke.js
praiserevision.com/2b7825b40010ad17ac7b5777c664449c/ Frame EF41
0
0
Script
General
Full URL
https://praiserevision.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 Aug 2021 18:31:16 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://shrinke.me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://shrinke.me
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1626
date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 80A2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1
  • https://mug.criteo.com/sid?cpp=7nZk_XxCSVBuOU03aWpIWktKQjRBcTE0NHVwZVRzRjJ4K1Y0RURVR0VMNGdqTVlaN2Z5Zll0SlVwQVlIb0hJVkZYakJxekl3enNUZUNkeVBhU2xiUU95WWVEaFZRdEpSeVVMcFAvYUlKdmtseUowZ2kwTjAwT1hzMzV2cF...
356 B
612 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=7nZk_XxCSVBuOU03aWpIWktKQjRBcTE0NHVwZVRzRjJ4K1Y0RURVR0VMNGdqTVlaN2Z5Zll0SlVwQVlIb0hJVkZYakJxekl3enNUZUNkeVBhU2xiUU95WWVEaFZRdEpSeVVMcFAvYUlKdmtseUowZ2kwTjAwT1hzMzV2cFN5QTlCd0s3QUR0VllhYk4yMWNPRXBlaGJ6aXhWWCtWL3FzUXE1SEkyeW9mOVNTa0hHRnl6cVVzNGpHdGMrNmEzRmp3eXk2Y2gxcDB5TWtWdndEOS9aOHRzM0wwNmhJVWdBbGpnMGtSVXgyTkhvOFYybmVJPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e6225b96f2dc4888c1e2d9612b17dfa5ad0d58f1d7e46fc9a08dcbd69638b55c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 08 Aug 2021 18:31:15 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2027
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 08 Aug 2021 18:31:15 GMT
location
https://mug.criteo.com/sid?cpp=7nZk_XxCSVBuOU03aWpIWktKQjRBcTE0NHVwZVRzRjJ4K1Y0RURVR0VMNGdqTVlaN2Z5Zll0SlVwQVlIb0hJVkZYakJxekl3enNUZUNkeVBhU2xiUU95WWVEaFZRdEpSeVVMcFAvYUlKdmtseUowZ2kwTjAwT1hzMzV2cFN5QTlCd0s3QUR0VllhYk4yMWNPRXBlaGJ6aXhWWCtWL3FzUXE1SEkyeW9mOVNTa0hHRnl6cVVzNGpHdGMrNmEzRmp3eXk2Y2gxcDB5TWtWdndEOS9aOHRzM0wwNmhJVWdBbGpnMGtSVXgyTkhvOFYybmVJPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1649
content-length
482
expires
0
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=U0xTZnxLaU9iNUoxZkZOUk4vNi9MRy9vVWJTVVBMSWdJblphOElmRmRBQzI0MGd5bVd4YklGK3o5S1lPeURmMXllU2RtZ0xra05XdEhnWWFwT2tZbThCRWU1RlJVczNtOUpzdXVFQ3ZDcmpZblNpclZvVzMxRnJRZFFwM2xiS25PTnI0am9MU3Qva1RqOHpBRW8zRjVQWklGWWlON2FnZHJBai82amo4L2lHK0hWeUJhWmVXQ2lCQXZTa3VjMGNMOGhNNmF3cUt0aDFPSUgrWXhaVUFjN2tZVy9YT2x0aVNVUEZrYm9UL3l4TElia0lZPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1204
date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
vary
Accept-Encoding
passback.js
cdn.adtrue.com/rtb/ Frame D022
753 B
492 B
Script
General
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
12000258
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad2166e1d2b29-FRA
expires
Thu, 17 Mar 2022 21:06:57 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=7nZk_XxCSVBuOU03aWpIWktKQjRBcTE0NHVwZVRzRjJ4K1Y0RURVR0VMNGdqTVlaN2Z5Zll0SlVwQVlIb0hJVkZYakJxekl3enNUZUNkeVBhU2xiUU95WWVEaFZRdEpSeVVMcFAvYUlKdmtseUowZ2kwTjAwT1hzMzV2cFN5QTlCd0s3QUR0VllhYk4yMWNPRXBlaGJ6aXhWWCtWL3FzUXE1SEkyeW9mOVNTa0hHRnl6cVVzNGpHdGMrNmEzRmp3eXk2Y2gxcDB5TWtWdndEOS9aOHRzM0wwNmhJVWdBbGpnMGtSVXgyTkhvOFYybmVJPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
829
date
Sun, 08 Aug 2021 18:31:15 GMT
content-encoding
gzip
vary
Accept-Encoding
passback
exchange.adtrue.com/tag/ Frame D022
431 B
621 B
Script
General
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20036&divid=1249419602&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.192.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-192-77.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a39d60f737b78b6739ec48800c96f53f8d61cbc93afeb2d5dfb79376285197c3

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
server
nginx
content-length
431
content-type
application/javascript
adtrue.shrinke.me.994621.es6.js
jsc.adskeeper.co.uk/a/d/ Frame ECF4
211 KB
60 KB
Script
General
Full URL
https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b07e1ff8a32fa4a06447bade27ac0d6cf1d5a1a8f72b29ecd0bea5c0d3b610

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
br
cf-cache-status
HIT
age
4357
last-modified
Tue, 27 Jul 2021 14:05:49 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
2TB3Y06CAZR1JX9C
x-amz-id-2
NqMWLLpcR6r3Lw9RW3DQEtU/IjItH9PjZ9NaSF8lJ7x9Pw5dhn/K0/eZjr108JW9f6lRg3XepH8=
cf-bgj
minify
server
cloudflare
etag
W/"cafa37695d789b665ed2393bdd5072c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
67bad217bc4b00d6-AMS
expires
Sun, 08 Aug 2021 22:31:16 GMT
passback.js
cdn.adtrue.com/rtb/ Frame 1433
753 B
485 B
Script
General
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
12000258
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
67bad21788a32b29-FRA
expires
Thu, 17 Mar 2022 21:06:57 GMT
passback
exchange.adtrue.com/tag/ Frame 1433
431 B
621 B
Script
General
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20036&divid=1409148709&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.192.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-192-77.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a39d60f737b78b6739ec48800c96f53f8d61cbc93afeb2d5dfb79376285197c3

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
server
nginx
content-length
431
content-type
application/javascript
invoke.js
praiserevision.com/b08bc109300d9c6de2b250d77095f421/ Frame D022
0
0
Script
General
Full URL
https://praiserevision.com/b08bc109300d9c6de2b250d77095f421/invoke.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 Aug 2021 18:31:16 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
c.adskeeper.com/pv/ Frame 2A56
0
285 B
Script
General
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1628447476486113463267&uniqId=0e238&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cxurl=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&lu=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&sessionId=611022f4-01d4a&pageView=1&pvid=17b27088b07b14e33ae&site=629011&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
67bad218497dee0b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 2A56
4 KB
1 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
br
cf-cache-status
HIT
age
2255
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
STBT0HSHGQK0T59Q
x-amz-id-2
HO61UXHp1/THGWOoHoYXpKwBWiUjiy3IsvVvYdSeEVeKa3d2gbpgmny/QikXuvvHzfOAkTYN1SI=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
67bad21849711e91-AMS
expires
Sun, 08 Aug 2021 22:31:16 GMT
invoke.js
praiserevision.com/b08bc109300d9c6de2b250d77095f421/ Frame 1433
0
0
Script
General
Full URL
https://praiserevision.com/b08bc109300d9c6de2b250d77095f421/invoke.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/GCyfBiO5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 Aug 2021 18:31:16 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C9A7
83 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Aug 2021 18:31:16 GMT
/
c.adskeeper.co.uk/pv/ Frame ECF4
0
286 B
Script
General
Full URL
https://c.adskeeper.co.uk/pv/?pv=5&cbuster=1628447476733859887728&uniqId=09793&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cxurl=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&lu=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&sessionId=611022f4-01d4a&pageView=1&pvid=17b27088b07b14e33ae&site=630298&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
67bad219cb901e91-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
syncframe
gum.criteo.com/ Frame 3DB0
291 B
590 B
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=shrinke.me&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
436
date
Sun, 08 Aug 2021 18:31:16 GMT
content-length
321
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C9A7
83 KB
27 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Aug 2021 18:31:16 GMT
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame ECF4
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
br
cf-cache-status
HIT
age
2255
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
STBT0HSHGQK0T59Q
x-amz-id-2
HO61UXHp1/THGWOoHoYXpKwBWiUjiy3IsvVvYdSeEVeKa3d2gbpgmny/QikXuvvHzfOAkTYN1SI=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
67bad219ef5800d6-AMS
expires
Sun, 08 Aug 2021 22:31:16 GMT
1
servicer.adskeeper.com/992723/ Frame 2A56
1015 B
791 B
Script
General
Full URL
https://servicer.adskeeper.com/992723/1?pv=5&cbuster=1628447476765226760982&uniqId=0e238&niet=4g&nisd=false&jsv=es6&w=970&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cxurl=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&lu=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&sessionId=611022f4-01d4a&pageView=1&pvid=17b27088b07b14e33ae&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd11e180d6fff0d5d32ca7d137fd14fb10a79c4423dc976537eb07e50dea7409

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
67bad21a0ae5ee0b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
publishertag.prebid.js
static.criteo.net/js/ld/ Frame CE66
83 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Aug 2021 18:31:16 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame CE66
83 KB
27 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Aug 2021 18:31:16 GMT
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 2A56
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.es6.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:16 GMT
content-encoding
br
cf-cache-status
HIT
age
2255
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
STBT0HSHGQK0T59Q
x-amz-id-2
HO61UXHp1/THGWOoHoYXpKwBWiUjiy3IsvVvYdSeEVeKa3d2gbpgmny/QikXuvvHzfOAkTYN1SI=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
67bad21af8f600d6-AMS
expires
Sun, 08 Aug 2021 22:31:16 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzgyNDJhMTg4ZTM0ZjFkYjc2OTFlY2M5ZjFiZjQxYmQ3LmpwZWc.webp
s-img.adskeeper.com/g/8164866/492x277/20x25x1004x669/ Frame 2A56
8 KB
9 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/8164866/492x277/20x25x1004x669/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzgyNDJhMTg4ZTM0ZjFkYjc2OTFlY2M5ZjFiZjQxYmQ3LmpwZWc.webp?v=1628447476-tzwjrDFqKRxc82UPGD4csyTJ9qS3297zIrZHaVzoc7s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e27f50833426396eb08bc48ff5764459b781835ebbc7f8dedd07f3fc9be17e

Request headers

Origin
https://shrinke.me
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:17 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:38:07 GMT
x-mg-request-uuid
b0e609f7-3089-4344-a302-3efc5c533782
age
1038951
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
67bad21bdc5f40ab-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8470
server
cloudflare
i.js
cm.adskeeper.com/ Frame 2A56
19 B
126 B
Script
General
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1628447477007817726520
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
d0d116c9-5eac-40f8-913e-90542e1e5582
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
67bad21b8bfeee0b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
i-noref.js
cm.adskeeper.com/ Frame D077
19 B
186 B
Script
General
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1628447477022771407626
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
1e890973-1b2e-4592-9d56-7e8902224e10
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
67bad21b9c07ee0b-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
1
servicer.adskeeper.co.uk/994621/ Frame ECF4
1 KB
916 B
Script
General
Full URL
https://servicer.adskeeper.co.uk/994621/1?pv=5&cbuster=1628447477027281927211&uniqId=09793&niet=4g&nisd=false&jsv=es6&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&cxurl=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&lu=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&sessionId=611022f4-01d4a&pageView=1&pvid=17b27088b07b14e33ae&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53cb721f81c14dd827b5484b2c4d34c30cbf459cafd4b758a1950a7e7ae099ee

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
67bad21b9e3a1e91-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 377C
83 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0b5cf6934f9f632cff3aeca60e21d4b38c28a74570df484abeaf0b643784283c

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 10:15:53 GMT
server
nginx
etag
W/"6107c5d9-14abb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Aug 2021 18:31:17 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 80A2
83 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0b5cf6934f9f632cff3aeca60e21d4b38c28a74570df484abeaf0b643784283c

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 10:15:53 GMT
server
nginx
etag
W/"6107c5d9-14abb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Aug 2021 18:31:17 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 377C
83 KB
27 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0b5cf6934f9f632cff3aeca60e21d4b38c28a74570df484abeaf0b643784283c

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 10:15:53 GMT
server
nginx
etag
W/"6107c5d9-14abb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Aug 2021 18:31:17 GMT
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame ECF4
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
br
cf-cache-status
HIT
age
2256
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
STBT0HSHGQK0T59Q
x-amz-id-2
HO61UXHp1/THGWOoHoYXpKwBWiUjiy3IsvVvYdSeEVeKa3d2gbpgmny/QikXuvvHzfOAkTYN1SI=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
67bad21c5b1f00d6-AMS
expires
Sun, 08 Aug 2021 22:31:17 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNWZiYzEzMmJiYzFmZDBiM...
s-img.adskeeper.co.uk/g/8164846/492x277/-/ Frame ECF4
19 KB
19 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/8164846/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvNWZiYzEzMmJiYzFmZDBiMTFhYTRkYmQ3ZTIwMGRkNDcuanBn.webp?v=1628447477-202spodzr5UcSvXEqMDWqh9dkhcZRsN79SKnziDBJig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
237f4094e8739b150532f80c6da8fae693dd09ce6f6aef9bd925e1f11631f374

Request headers

Origin
https://shrinke.me
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:17 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:35:51 GMT
x-mg-request-uuid
3432009d-25a2-4c29-aa67-75764a8c0712
age
125447
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
67bad21d09552014-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19430
server
cloudflare
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 80A2
83 KB
27 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0b5cf6934f9f632cff3aeca60e21d4b38c28a74570df484abeaf0b643784283c

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 10:15:53 GMT
server
nginx
etag
W/"6107c5d9-14abb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Aug 2021 18:31:17 GMT
i.js
cm.adskeeper.co.uk/ Frame ECF4
113 B
216 B
Script
General
Full URL
https://cm.adskeeper.co.uk/i.js?&cbuster=1628447477177612489297
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb78cc73a4c46bb097bec37721eed5e280d51669892e3e45714f5716c2cd86e

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
fb76f7fd-4a97-4ff0-94b3-8bcd9efdafc4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
67bad21c8f8e1e91-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
i-noref.js
cm.adskeeper.co.uk/ Frame A063
19 B
104 B
Script
General
Full URL
https://cm.adskeeper.co.uk/i-noref.js?cbuster=1628447477189478415333
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
0eba8e18-c48c-4eb4-ac45-0fcedde6510b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
67bad21c9fa01e91-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
publishertag.prebid.105.js
static.criteo.net/js/ld/
80 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:30 GMT
server
nginx
etag
W/"6034e04e-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Aug 2021 18:31:17 GMT
/
cm.steepto.com/setmuidn/ Frame ECF4
0
173 B
Image
General
Full URL
https://cm.steepto.com/setmuidn/?muidf=l78gicweGZvb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
67bad21ed861fa30-AMS
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
publishertag.prebid.js
static.criteo.net/js/ld/
83 KB
27 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0b5cf6934f9f632cff3aeca60e21d4b38c28a74570df484abeaf0b643784283c

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:17 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 10:15:53 GMT
server
nginx
etag
W/"6107c5d9-14abb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 09 Aug 2021 18:31:17 GMT
806.json
id5-sync.com/g/v2/ Frame C9A7
213 B
528 B
XHR
General
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
535f5eb3394afee9ebf7cdfea28a5201b44d7fa5a97d5162fe0f6ef0af47a984
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Sun, 08 Aug 2021 18:31:03 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame C9A7
77 B
825 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.12.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-12-237.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
81165dae62222a3a2709a9ee6d0748ef8c4a8a09bdcee718ca86064ba51d4410

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:18 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://shrinke.me
cache-control
no-cache
x-server
10.45.30.107
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ Frame C9A7
109 B
539 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
4b316377f099e055f34a2e4248ce81bece4014455ca5217131380368e2eed8ad

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 07 Sep 2021 18:31:18 GMT
806.json
id5-sync.com/g/v2/ Frame CE66
213 B
528 B
XHR
General
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f6f6ad8a89b1a15114bf6fd5b10d8aab8a613d73126b2cf7e8caa534f4db0a95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Sun, 08 Aug 2021 18:31:03 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame CE66
77 B
823 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.12.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-12-237.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
45236e14992678b48c797ad5749979ae33226e5fb36c0aacf84ec6d0c411710d

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:18 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://shrinke.me
cache-control
no-cache
x-server
10.45.26.12
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ Frame CE66
109 B
539 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
e201e80d49154a772a7281eb5cd1666297444c5c7166812648b07c8a9d598477

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 07 Sep 2021 18:31:18 GMT
806.json
id5-sync.com/g/v2/ Frame 377C
213 B
528 B
XHR
General
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
b2e9aa48de80b70c095203781b4d8744615b14e9047f341cf335f9e7d4924d45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Sun, 08 Aug 2021 18:31:03 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 377C
77 B
448 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.12.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-12-237.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0ae722c1d6d8739650cd30b2e26503eb570e9e2d452adfae72a3839ea11435e1

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:18 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://shrinke.me
cache-control
no-cache
x-server
10.45.10.8
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ Frame 377C
108 B
538 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
eedffa273959ec9754da455f002c450db193ad1469011e6b5e6d28df56ce20ab

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 07 Sep 2021 18:31:18 GMT
806.json
id5-sync.com/g/v2/ Frame 80A2
213 B
528 B
XHR
General
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6310adf8de1b0d94b88c56d7c1c3abdfec70d3ff25cff0586166c5900f88929d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Sun, 08 Aug 2021 18:31:03 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 80A2
77 B
450 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.12.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-12-237.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3821636287fec5ab888c8fdf4d6e8e3d082232396db375cc89591dcc6c8e8946

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:18 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://shrinke.me
cache-control
no-cache
x-server
10.45.14.149
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ Frame 80A2
108 B
538 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
eedffa273959ec9754da455f002c450db193ad1469011e6b5e6d28df56ce20ab

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 07 Sep 2021 18:31:18 GMT
c
c.adskeeper.com/ Frame 2A56
43 B
434 B
Image
General
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=300|250|12|ZWE6YlAm0bUSSsNoJZhktk3NbJmnBboLJmZNn1MGdjQx-oL3eU1Lrh66-SzafTdh&fw=1&extjs=66044&cid=992723&h2=s6DTIq8_dmTag7EPnAov6dSbCPv8f3qqI9uObWc_aRA*&rid=d16e73ef-f876-11eb-be66-d094662c24f7&tt=Direct&iv=11&pageImp=1&pvid=17b27088b07b14e33ae&cbuster=1628447478252616632526&tpl=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:18 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
abbabca3-b575-49c6-b242-fddac08deff3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
67bad223397f3a87-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:18 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs-simple.com/ut/v3/
262 B
943 B
XHR
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9d5519e03823d536305db622f3e0a6ab75c8b5be63edf9cd23c85cd0e0bbcfe1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:18 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid
050cc494-ecda-40ff-9e55-51d8faae05e0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
142 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:18 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
188
vary
origin, Accept-Encoding
ROS
ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/
650 B
968 B
XHR
General
Full URL
https://ads.us.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.3819245742871993&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&pbv=5.5.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2FGCyfBiO5&gdpr=1&gdprcs=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
5ee2480b24d7af408eb406b75e9489bceeab8e6970a9a9a5aa18171e9ce6f1f8

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Sun, 08 Aug 2021 18:31:18 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
650
x-sid
AMS-745
quantumdex
useast.quantumdex.io/auction/
0
385 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6tubtsgLG7zdvJNOBanJWl4Md45GiCCj16ALARSyqVQBSTRKGf7PK%2FcciWjcnj4%2FH%2FzqF94AJwVEgM0K2skYMBieMKqP9g2rDm2wQNUMePi6f8SoAg7%2BwZsaALiVLmGWq5OKcwCAxeoCMDoarYmBmIR"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
67bad223e8364a79-FRA
cdb
bidder.criteo.com/
0
183 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=105&profileId=185&av=34&wv=5.5.0&cb=22072744841
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:18 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/
0
183 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://shrinke.me
date
Sun, 08 Aug 2021 18:31:18 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
c
c.adskeeper.co.uk/ Frame ECF4
43 B
434 B
Image
General
Full URL
https://c.adskeeper.co.uk/c?f=1&pv=3&v=300|250|12|lm_8hnNXz2cq48O-4LLUuuSVgxYRMJJ97wKCS-7Qx9Qh5oRPd_EgAca-xD-JGM2a&fw=1&extjs=66044&cid=994621&h2=s6DTIq8_dmTag7EPnAov6dSbCPv8f3qqI9uObWc_aRA*&rid=d192c1b0-f876-11eb-a7e2-2cea7f875b01&tt=Direct&iv=11&pageImp=1&pvid=17b27088b07b14e33ae&cbuster=1628447478468869410541&tpl=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:18 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
8e2a2e9b-974d-4c43-abd5-23b43f2227b8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
67bad2249e4300d6-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
vi-logo.svg
assets.vlitag.com/media/icon/
11 KB
4 KB
Image
General
Full URL
https://assets.vlitag.com/media/icon/vi-logo.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2114950
cf-ray
67bad225ea5fd709-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:49 GMT
server
cloudflare
etag
W/"5dbbbcf1-2c34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoTwqrRmLWolAN920EsZH%2BgNCIrD1LHHtMMTYATpzb%2FMeh7ZXAfkuYWsHsWE4VG%2Fb8vmLvjYhGOD8j3zIlzCpeitTHas675R17YNK0v085Qn9Jl9AcKL4THxjLwpLi3df5pzN1%2FhyaP2Y1%2FBbFy0"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
quantumdex
sync.quantumdex.io/usersync/ Frame 1033
3 KB
970 B
Document
General
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ec0c680b6bdf95e1cf04bf76decdbcb73a5d32a9450c8d8b22564431c3d8b4

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=50e5ff81-b24f-4672-86b6-d34f6840de70
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
content-type
text/html
set-cookie
uid=50e5ff81-b24f-4672-86b6-d34f6840de70; expires=Sat, 28 Aug 2021 18:31:18 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z78%2FyHO3jzV9aT9jL2iar7bMT5FlyjCViigL%2BsFmmnsUNQzwbWZEU8LaBqHzDX%2FkmWG5JkoC0f69grT%2FicJXGx3fPvgrZ1RZgFkEUdrsMV2pKQj9ALixV6N578XvaIKjx4tEQs9YymYAAmFldSBuKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67bad2269e684a79-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame E0C0
3 KB
974 B
Document
General
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c261f01db1fdbdfe12196cb95c00ab127d6ced4443b411e0c04ca7dd7d4a121

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=50e5ff81-b24f-4672-86b6-d34f6840de70
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
content-type
text/html
set-cookie
uid=50e5ff81-b24f-4672-86b6-d34f6840de70; expires=Sat, 28 Aug 2021 18:31:18 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2PnDe99D0vY0EozMGprdOGvFxft%2FD0xOsTzL5Yz31ih4EaPiQbbFh90AF8ifbdbcN%2BNX%2FVK7JXtEHLW2upePhaA%2Fj9X6zhO72MdSh%2FBvXnUxKXxnWdhHzehDKFoC8jIlzrTh6nE%2BTo2h8Y2RGmwtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67bad2269e6b4a79-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame BD19
3 KB
964 B
Document
General
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d79e1b59a9a15564fbbc9a4623f09a4d8feee7863aafa547512444ccf667a2f

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=50e5ff81-b24f-4672-86b6-d34f6840de70
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
content-type
text/html
set-cookie
uid=50e5ff81-b24f-4672-86b6-d34f6840de70; expires=Sat, 28 Aug 2021 18:31:18 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=do%2Fxgc7VJ4zMMR%2FsUVGrQUfSazdEtOkCDJ%2Bj8lfAGeQkKTnRzeFmbxuooMAvUieTPZoK5%2BiMn1%2BsWyt2J6k8mN%2FjZyD%2BuKtak5YxRGymTd0oA8c4SzaXXj4MsQKZivC%2B4HnG0HaGkoy6q1XGrCmX1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67bad2269e674a79-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame A9B7
3 KB
1 KB
Document
General
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66e374af96685fd9dc9066e44283c2305f75dee48ed224107cbeee0d67f80351

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=50e5ff81-b24f-4672-86b6-d34f6840de70
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
content-type
text/html
set-cookie
uid=50e5ff81-b24f-4672-86b6-d34f6840de70; expires=Sat, 28 Aug 2021 18:31:18 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBMfW3lqSY4gGV5Pcp377EPF%2B81520gPJ1vFUBqXd5A0fgSbKPWkbAA7GOjIlamfHEj2sYGMVZ7iJd%2FD1SRsi5AB9D1qCkAi23FK2SQ3rNqTJhkB3%2BqH2STyY5nF2Cw89M%2FJddqGAVseQYudu9%2F%2B0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67bad2269e6a4a79-FRA
content-encoding
br
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D06bf0c8a838e0ab4%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D06bf0c8a838e0ab4%26uid%3D%24UID&sovrn_retry=true
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=06bf0c8a838e0ab4&uid=e0fb56bdc1f9f62ff532be7e
42 B
104 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=06bf0c8a838e0ab4&uid=e0fb56bdc1f9f62ff532be7e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:20 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
nginx
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=06bf0c8a838e0ab4&uid=e0fb56bdc1f9f62ff532be7e
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D10fe86d4c4e58b59%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D10fe86d4c4e58b59%26uid%3D%24UID&sovrn_retry=true
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=10fe86d4c4e58b59&uid=6249cad87d0cbdc75a51a713
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=10fe86d4c4e58b59&uid=6249cad87d0cbdc75a51a713
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:20 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
nginx
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=10fe86d4c4e58b59&uid=6249cad87d0cbdc75a51a713
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1068
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=126935
expires
Tue, 10 Aug 2021 05:46:53 GMT
date
Sun, 08 Aug 2021 18:31:18 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame EE7B
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shrinke.me/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3281756890389629715; icu=ChgIz5I0EAoYAiACKAIw9MXAiAY4AkACSAIQ9MXAiAYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 08 Aug 2021 18:31:19 GMT
Age
49667
X-Served-By
cache-lga13624-LGA, cache-fra19177-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 368736
X-Timer
S1628447479.074033,VS0,VE0
Vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame A9B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
43 B
339 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6xXWqb3ACmjcCz8wX0bdBMj8E%2FOFm6R3WVoCXZhwHMFuwcZpO4wA7I%2FbYa6TB8D2Oel25G517qTVkvaK8Sq%2FAMnK5qzo8Nlddb5FfKq6abQhY9TT3wRzKEujLB6KcvPp4hNwzCWk%2FlBVGyhyAYYhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad227d96a4a79-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:18 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7b611eb0-1f32-45b5-a8ad-a91d9ebf9d8d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A9B7
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bcbfcba9a68747edd50daaff
43 B
330 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bcbfcba9a68747edd50daaff
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg2tPPtrk397u9tcFAPGldRwwuoo37QLgQL40B%2Fb%2FR40XUPV97HYElUB4JCfGif%2FET56dzl5TqN97vEQG%2FvPQkqJSfmICIOFUnCcXdszaPLcWwqo%2FnKH%2FQ9IgHd97BtiV6ThRhjGZ1eRPoYd76W1yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22ad8ce4a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bcbfcba9a68747edd50daaff
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame A9B7
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9d0a3375-b403-40ec-a36e-968cea04cb4a
43 B
326 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9d0a3375-b403-40ec-a36e-968cea04cb4a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSZq7fiRy06pw4EYn0P6JzEC8pbnFt9PDjn0GtiWKz21C%2FOehbJvcSDJXy6Ibe19RVWZv29CBR132ZF4jT%2Bqf6bl73YlkAxugVOJ4y4TpKFi2Z38n1EeAIuOEnuF5wNq4RLHCfsD%2BsVbU%2FFQzGecgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2288b1b4a79-FRA
content-length
43

Redirect headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imiyoYECSZ%2Brei%2BJ5Zr6wtDe%2BcXGrscc3Q%2FHyRkvJGu3G48WMctNOd4Q76CXONkqZ6lgdi9w1P9mKzbDpEGIWdPjrlxxZ3lfbbFYiCuTCIDsiqopRu6f2%2ByodSb3%2BfobkUCrMn%2FHuIFVOGNC9Mw%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9d0a3375-b403-40ec-a36e-968cea04cb4a
cf-ray
67bad227c9624a79-FRA
content-length
0
us
sync.go.sonobi.com/ Frame A9B7
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame A9B7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Dbp3u55E2uHT_5JAXzuiWngmptJMdIg0Ol8nbCk-~A
43 B
327 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Dbp3u55E2uHT_5JAXzuiWngmptJMdIg0Ol8nbCk-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAiMXPEeAvziWoS5wM2dAl%2F51pG1gr306ATemPNRvjoA5l0b86gSYUxlYAQOeWi%2F5qzk6RzTwopIAfqW6PQ2%2BuZfx2Z4AbVyzOdSvcS2qKrFaIHOnwy6FsYG%2FUSauHsiYwCVLeifF5u6WKc%2FJSI1PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2291c6c4a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Dbp3u55E2uHT_5JAXzuiWngmptJMdIg0Ol8nbCk-~A
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame A9B7
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 18:31:04 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sun, 08 Aug 2021 18:31:04 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame A9B7
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2e9f736-f876-11eb-a016-026bfd81e88f
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2e9f736-f876-11eb-a016-026bfd81e88f&verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2e9f736-f876-11eb-a016-026bfd81e88f
43 B
331 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2e9f736-f876-11eb-a016-026bfd81e88f
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHxl0xP%2FYn6%2FBO7cQzUknMfsQlCTghFgd%2BLzM7wxmJdRkFxW%2BKUjGqn30EfzGLQngk3Nsk173R4syvWsQPHSSgZ7YljEqI0wHFooFuActAZKMX%2BCeq7u3IT4q%2FZVMBR1Q9y471rF8B7CrigO4TfZog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22c0bfa4a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2e9f736-f876-11eb-a016-026bfd81e88f
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame A9B7
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-d109fe30-05d6-4803-b035-f8fe5a01fcde
43 B
337 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-d109fe30-05d6-4803-b035-f8fe5a01fcde
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BbWM954SYK7w%2B91081CVrYoF2r9va5cNm%2BPL8pAGzZxFSQ2bpCB6rQW5YNpjjc2C8XwQvcuUMDibHPHW7OCpsUIge6gfyU%2B%2Fsx4%2BKdZQQq%2BwfRlprcVrVE2XrYf%2F7wS%2FtV0KgDi%2FQACwLzmmbe4vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22a5fae4a79-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-d109fe30-05d6-4803-b035-f8fe5a01fcde
date
Sun, 08 Aug 2021 18:31:19 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame A9B7
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4bbd765f-0961-45a5-8ad6-e37ab535a21d
43 B
329 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4bbd765f-0961-45a5-8ad6-e37ab535a21d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJsUr4nYF%2B100tYjJHdE6clyM9PRCuiZPJ3Sn5bQzKCTkKXrRM%2BB6Z2zbQIupqNZ%2Fg2PjcsjXeYtIz6GLgxTh32SP1E6vLOGxD%2BGh5v52oa4jFEy9M2R06ggFDyRjjlMcNL7m70FPbIfdTOq09I%2FEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2288b204a79-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4bbd765f-0961-45a5-8ad6-e37ab535a21d
date
Sun, 08 Aug 2021 18:31:19 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame A9B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
43 B
325 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvCNPw3rYLvyVhpqco22yFUu6PItG63HlKIvhPfqyyXNUnvBVvmJ%2FmTjX8C4F9QWtJ7wgXy59vZs9EtZHGmsLy1knBvTvFD3qXOnWdgyFV81zc4juUJ0PuWfv2Z4p16F7d83BrRlF5VAuybu17%2BhYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad227d96b4a79-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:18 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bbe251da-8a9b-4b8f-945e-a8aa6a1ad4b9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 6957
43 B
555 B
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YRAi+; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 2FB7
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6B0D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9a59fb2a7973a35a90513d02f19ec11d8e33411b846cc2c4f6e12a9c59979ddb

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YRAi9yYjaXCpc.n9DWiqQwAA; CMPS=1155
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|13|111|4|31
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1838
Expires
Sun, 08 Aug 2021 18:31:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YRAi9yYjaXCpc.n9DWiqQwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT CMPRO=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT CMRUM3=0d611022f705a0&04611022f705a0&27611022f70b40&6f611022f705a0&e6611022f72760&1f611022f705a00&f1611022f705a0&2d611022f705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT CMST=YRAi92EQIvcA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 09 Aug 2021 18:31:19 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 08 Aug 2021 18:31:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YRAi9yYjaXCpc.n9DWiqQwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C495
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=130855
expires
Tue, 10 Aug 2021 06:52:14 GMT
date
Sun, 08 Aug 2021 18:31:19 GMT
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-8e2b0297-1955-4c86-a078-e4aeca944efa
43 B
478 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-8e2b0297-1955-4c86-a078-e4aeca944efa
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRZud7kYppIigUAy3ajxQ7twlwo2%2Bajxa4vvJQ4mAN0lTL0axixweM%2BZDSNGavRlmoDXsHvoN81f9ve%2FlobT1Wf9XcPqsNVf9%2FF2ccrbb8io%2FSZ4P9mjAJi9ZD5qejHGZQFg1TF0JU9lkDWY2hN1Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22c1c104a79-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-8e2b0297-1955-4c86-a078-e4aeca944efa
date
Sun, 08 Aug 2021 18:31:19 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=373344e0-983d-4788-b516-7f8bcfc983ad
43 B
333 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=373344e0-983d-4788-b516-7f8bcfc983ad
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ca6o2Qb%2BiBB6CeXbJIMO%2FPO8ZjDsOxAckVKXabk8gS2E282inbtGhn4hegrpMv%2FF%2B858HqF1cVY898A8%2Box2Tl1%2FQwrtJ9aXN6Ulr%2F545ym1WHsoptZfc0JzVVJBOYNpMl1lTqz%2Fjy%2FDAz2j%2F9eBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2288b224a79-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=373344e0-983d-4788-b516-7f8bcfc983ad
date
Sun, 08 Aug 2021 18:31:19 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
43 B
327 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEm8BB9fsT%2BJ6%2FZPMxnit%2FBp%2FxIHlSsVUiqXuLL3B%2B0v2fksRtiSTq2N0NYiO7mYAOtc0zkbZx6H0QwmtZSjrSgdYs%2F1vAiBy5IxiE2l2e6ftzuoBlNitAcCixwWZBstir6cYccm1tGpLDN0Hyl5Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2288b344a79-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
dc9e2669-a895-467f-8cf6-93c737763f0f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
43 B
328 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXyC84CjomcHLGfMwe0JXNcq6kc9vtsInsTNl9ZDawO9dm5jZQyJnh0F0RyofbSAoacMyfABEHHFqgToRpu3JXQnY0X9ta6rjpT5v%2BFdhXExCam%2BvIhYEo672veivvHI%2Fwrz2LXkT%2BGb5F6sb%2FRXGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2282a5a4a79-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
87fa54ba-f91e-4708-9448-a3e47d15eb5f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1.gif
id5-sync.com/c/495/0/0/ Frame E0C0
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 18:31:04 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sun, 08 Aug 2021 18:31:04 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=787ff301-83d3-4196-9ac3-f992d3b7d4ed
43 B
473 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=787ff301-83d3-4196-9ac3-f992d3b7d4ed
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQYMi8j3XUrHEP1pbSpSAmV5KfsR7Bk7eMW0b0iNdU6PbVq93qzDSPvLwKaDbCdYMYUhlIB8pRpG76SLKol4J3LqSbrapbZhm2Y1g%2BqVDfacawIUCFgI0BPI0EZJRJtcR4NVS6W0rlZ0aHanHataiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2288b1d4a79-FRA
content-length
43

Redirect headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWPbK5zFeYauhXjPF1hrtVygX6SCF%2F3WMLyUwzmSF2ZGb5qzBBS0ZdkBwxhSL8WbIB3xd9lP9dlO7WA5zHmp3EdEqIjfjbkhnsGFqM0WTTjMmMl4n3Bo7%2F3gSBZPbj5AG0T3RTtLd6TLZxy0kd0%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=787ff301-83d3-4196-9ac3-f992d3b7d4ed
cf-ray
67bad227c95d4a79-FRA
content-length
0
us
sync.go.sonobi.com/ Frame E0C0
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c1094415aad24d3260a024ec
43 B
328 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c1094415aad24d3260a024ec
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dj14qx8V3JI99dX%2FCIjkvRVQSyc7FuLHOei85aI9vSHuF3kYMkYnl4s5ohlKKK4o3IL9YxFzIhrvT%2BgOFK3KcV2IxLr6D1YRWjUQiYFtn3CvayQNYVDfXw3A441bQhqs8%2FFKNdkFcs%2F1zHPFZeYyMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22ad8db4a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c1094415aad24d3260a024ec
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-s.gaJklE2uFcqm_4uUih7YzNgYmCXD7I3ppenwQ-~A
43 B
337 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-s.gaJklE2uFcqm_4uUih7YzNgYmCXD7I3ppenwQ-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0FIngUYSlPQnG4fgCNOHa6pwpHi5dRYeQo6cOlbjTyx1WzpsznT1u5T86%2BKUVDjyKzMJsSxJVGu4FGJDo4ZIhkgtZRqTCJD0Zuj%2FP0d5iH13ad43vMBg0JsUr1YFhawM%2FNF4PAr28OLZOqJDxMkig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2296d3a4a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-s.gaJklE2uFcqm_4uUih7YzNgYmCXD7I3ppenwQ-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2e9f736-f876-11eb-a016-026bfd81e88f
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2e9f736-f876-11eb-a016-026bfd81e88f&verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2e9f736-f876-11eb-a016-026bfd81e88f
43 B
334 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2e9f736-f876-11eb-a016-026bfd81e88f
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRCCMZk%2FYJDW9s1wbaTAViQJ77wcgC%2FE%2BJY%2F%2F9Ch9D4vaGksYyLdgyWfSIyRDoXAHFnf52GWnjhNGsyQ%2BEDG9mXzz6%2Byi4OFXV6eI0KIEFyDXYBwWI7XjDc2Tg3gLj0qUpjUL3U0DVwVfHfmlSXSjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22bdb664a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2e9f736-f876-11eb-a016-026bfd81e88f
Connection
keep-alive
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3da1b408f08e1cf2b8bcb4c41e4448b017bce75f8780382769013b204a86e330

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1155; CMID=YRAi9zs2GGAs4DfmQDdXlAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|39|241|195|105|31|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1838
Expires
Sun, 08 Aug 2021 18:31:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YRAi9zs2GGAs4DfmQDdXlAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT CMPRO=1139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT CMST=YRAi92EQIvcA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 09 Aug 2021 18:31:19 GMT CMRUM3=51611022f705a0&69611022f705a0&e6611022f72760&1f611022f705a00&f1611022f705a0&2d611022f705a0&c3611022f705a00&27611022f70b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 08 Aug 2021 18:31:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YRAi9zs2GGAs4DfmQDdXlAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 89E1
43 B
551 B
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YRAi+; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame B669
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6398
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=130855
expires
Tue, 10 Aug 2021 06:52:14 GMT
date
Sun, 08 Aug 2021 18:31:19 GMT
vary
Accept-Encoding
1.gif
id5-sync.com/c/495/0/0/ Frame BD19
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 18:31:04 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sun, 08 Aug 2021 18:31:04 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame BD19
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2efc3a7-f876-11eb-b36b-0a4a8f81a13b
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2efc3a7-f876-11eb-b36b-0a4a8f81a13b&verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2efc3a7-f876-11eb-b36b-0a4a8f81a13b
43 B
348 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2efc3a7-f876-11eb-b36b-0a4a8f81a13b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tfx5WnCpBQMyOGVRKWWmPeRroNq24cf4uvb8MVZpi4G1CNFb4cJzzejGl5b5i66XoRYg%2B0nRk68pZ1TsETzbTKNBVUh3B%2B59cvYmfJ8MfPQZxMpbsmzf%2F62rVjmpxLuIvguva0hwGU1CvLN2VNS5NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22bfbd84a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2efc3a7-f876-11eb-b36b-0a4a8f81a13b
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame BD19
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a413a5bc-18c4-4b15-a40c-2fbdacd0e936
43 B
351 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a413a5bc-18c4-4b15-a40c-2fbdacd0e936
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcOn7KRDlm7jMSx%2BGFhxUeYHVeP9HDActMULYqTAD392CQ89m6efhpMszhGCVHalmOKo%2Bylm909T0Ioz7GEzwzXEPDh03%2Bm5G1c9a6SeTw07q94DbW0jUhLbJdzxIHxBrg%2BnOH9ROF%2BxLXCf2cgcdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22a5fb64a79-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-a413a5bc-18c4-4b15-a40c-2fbdacd0e936
date
Sun, 08 Aug 2021 18:31:19 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame BD19
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=58043eb0-153a-4676-938a-b516c03a6011
43 B
324 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=58043eb0-153a-4676-938a-b516c03a6011
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5%2BLYyWu9r9LQFn0DuaU3F31uYPIhJgizjf5pGEeqxJCUxs4dwSf8dGt0gbZl10CnwBZhERuJUyT8zD6VfnZZGYjC3IkK2nrEsrbA1Q1P0BNK3R34oSoYFASL1xz5SDjLffoPGsTZH90GysF6P%2BQkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2288b294a79-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=58043eb0-153a-4676-938a-b516c03a6011
date
Sun, 08 Aug 2021 18:31:19 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame BD19
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
43 B
484 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wY6mRl3g69Kuqr%2BgbcG6mpC2JZa6YZVI2QB2Q%2BO7pid%2Bb8%2FcQHsBICedZEqjlMrHn4%2BOmY0sRuJQkk7ALnbDVzLsfhBHTJtWp7R6Ov%2FlYQH5YkGDGDU4UoPgVRtnmMJYXLUIO74xK5dSVYNg%2BY3lfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad228ec0a4a79-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b9be5c0c-31f5-470a-b3cd-73d84bae5935
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame BD19
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
43 B
352 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWcukUT%2FHvvUxnS0gs3zCt6e3%2BVVlJCHk1pdMSPKCMNEKRkC%2FefUSvSgzluxdJZvj1FfaonZESfHGuBpVDVKp0lyqKTfuxU7nUMJgkTQpoTDdjzPT5vknPBVaCCAeX4RRbANCE9XphwgSje%2FHlBoHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad228cbb74a79-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
98d550af-95ee-459d-8b08-d989d3ee5a05
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame BD19
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=da17a8ce7355fa5204e32236
43 B
336 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=da17a8ce7355fa5204e32236
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEoCgAod4seXRpEllh9WnO3DX9cu%2F5uvIdoFrCxqEIfsuBT3nGmlsNTmrztC6FtUEDBLXIfJrIZyWUqsHxBEGH3fmgBQqjxvn7%2F3zevQcMfJceHHWNXlzH7vMQPDOur0KvmVUvuwzOGfHvodLnrOiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22b39d24a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=da17a8ce7355fa5204e32236
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame BD19
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c0d028ab-a0be-4145-9671-33381d181fb5
43 B
328 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c0d028ab-a0be-4145-9671-33381d181fb5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75od6z0CTQOl%2BrTCTUidSclj9bLxyFQgsZseEatzqpa%2F00fWk9UZv9a4ilCekUs4k5W2jBXykuWCtR%2FhXBPtWtT3b0dFVpSgFhgqPJUKFlFH75hJ%2BfFdlaVWh0cz1Kgmzy2Xg9v%2FEKV9dgtj%2Bh5Vow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad228fc2c4a79-FRA
content-length
43

Redirect headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ASmRzz3wKyAYA7dl8qOkHUyZVjC0GFcUcKzakHBcR3Zm4glwB4Yk2kbuNkwzhNS97%2FFQ3hkfKIJh1tsZvdlibGkavoDhLtNQpePviFIC9SbqZ3Q62g%2FCQ%2BZODtIpWma10VMvP9RYT9o5cZHd0c%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c0d028ab-a0be-4145-9671-33381d181fb5
cf-ray
67bad227c9654a79-FRA
content-length
0
us
sync.go.sonobi.com/ Frame BD19
0
474 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame BD19
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-k79hdSBE2uFvB1VXS9UTYoAvpNQ3CUPVJrGPo5k-~A
43 B
326 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-k79hdSBE2uFvB1VXS9UTYoAvpNQ3CUPVJrGPo5k-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIRiXJzTKCLumI0IIV3YelNjqMVMjwoJ6tQOWIjTMJ3fG6nF2tz3BI07JqxDt9RLkxGp0A7Kg%2BSlsi1%2BV03EEZhtNQTLyHi24J1FxqonQChVjuOZLGLCx8fhp5f8w949luL9qZcvYFL5Dh6rk%2FKJkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2294d004a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-k79hdSBE2uFvB1VXS9UTYoAvpNQ3CUPVJrGPo5k-~A
Connection
keep-alive
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 43A8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4b9b76db23ad77edc470ca026350b0d44b4d83ba125349ab76621afba25b267

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1155; CMID=YRAi91c2Lu1RHZyctKlebgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|111|105|57|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1620
Expires
Sun, 08 Aug 2021 18:31:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YRAi91c2Lu1RHZyctKlebgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT CMPRO=1159;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT CMST=YRAi92EQIvcA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 09 Aug 2021 18:31:19 GMT CMRUM3=c4611022f705a0&39611022f705a0&27611022f70b40&2d611022f705a0&f1611022f705a0&6f611022f705a0&69611022f705a0&e6611022f72760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 08 Aug 2021 18:31:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YRAi91c2Lu1RHZyctKlebgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 201A
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=130855
expires
Tue, 10 Aug 2021 06:52:14 GMT
date
Sun, 08 Aug 2021 18:31:19 GMT
vary
Accept-Encoding
Cookie set uc.html
sync.go.sonobi.com/ Frame CF39
43 B
555 B
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YRAi+; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 3575
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame 1033
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
43 B
335 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dt15gjw7muHemyGOpAKfd7V1WaRxPvZhSqencmar1iUSsRRGTMocyjr69m6oV2KfhB5uK2wkYjmtMS9284LHH8Aeh0OmPp%2BluluiGVK9EhG151M3TrW4caP2WczT%2FN6%2BNrRwEZUJGG3Ugf7H%2BomKrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2288b2c4a79-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
85b8625e-c7cf-422c-83b9-be476a4bff4a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3281756890389629715
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 1033
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
43 B
332 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkZiX3MkLMzYAB%2BJxc%2FXYCWZZTmqN%2B9OmaxTSxMy6mm%2FHHuGih2tgJMG8ttSlQDptaYaBRALTM7dY9%2FFpJVj0u0vlTT4WW9Wz62WBSBJPftIIcW%2F1pJCrs%2BazcMS2NhVEkcNlDz5EpExR8aWvDbDdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad228bb954a79-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ec0f809e-f70f-4c02-9f35-50b0342780e9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3281756890389629715
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1.gif
id5-sync.com/c/495/0/0/ Frame 1033
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 18:31:04 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sun, 08 Aug 2021 18:31:04 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 1033
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=86d23d5e-913b-4fa1-913d-83dfc99aaa95
43 B
344 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=86d23d5e-913b-4fa1-913d-83dfc99aaa95
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otfNiHtaMKlPchyVl8q3lD1ZCB0tkrNV1easaSvo3a2Vv0h4RCyHLnl2q4Jqci9APNfaJDvQtlcpBZ%2FGgnQHtZAqMdf7gHJbkp0JS%2BSiitndJzTvQu3ReN1xiEPl6ygPul4cKxVNnWJves6325qgmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2288b1a4a79-FRA
content-length
43

Redirect headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2W6vKx3B3R51IGlidNIWW70XTPYTJfsh4NLqNB%2Ft88YSfKKAIrqoUp2K2SvaEex4Y4XDKllQpVPmCSnjC%2FTUvGoLsGH47Iyyn9ZK%2BnKSxxtAO7qETSkN3lXi0CJ%2FDZ%2F7KPw90yjgjeU2BCRWYI%3D"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=86d23d5e-913b-4fa1-913d-83dfc99aaa95
cf-ray
67bad227d9694a79-FRA
content-length
0
us
sync.go.sonobi.com/ Frame 1033
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 1033
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2804d50ee1775cabb8774051
43 B
333 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2804d50ee1775cabb8774051
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FT7RmGczTrmLWq0s4Qx0SJCIKDJ1ImuqprrSgWt%2BCGyzocN6C%2BTjNt4b7hg%2FshfezQhQSrAaa5X%2FSBpCwjK%2F0izwOKjWRGmwKcAW9MQZVEYrN7vItkXVPEg%2FnRRo%2Bh2oob9mbN3HKQzhjhNxFdUwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22b39d64a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2804d50ee1775cabb8774051
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 1033
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-c2UCZaFE2uFzE5deif3VXtKXzXfXDEioQpowG6s-~A
43 B
328 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-c2UCZaFE2uFzE5deif3VXtKXzXfXDEioQpowG6s-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Bh3IJvpeEl3b266bQXKIG25sEZFYES5QKwCI4KzyeaGZX6oF57ma3%2FB8IGrrzXWhjZ7TJpzIm7sO7jc19XPiiAO2OPvB2Yc7%2BDU7%2FDBMh71fKw1NOjOZhNaPtzRBftpnt3PXBWFZJxEu8HHSjB5qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2295d1f4a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-c2UCZaFE2uFzE5deif3VXtKXzXfXDEioQpowG6s-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 1033
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2ee16c9-f876-11eb-b50a-029a9903a159
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd2ee16c9-f876-11eb-b50a-029a9903a159&verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2ee16c9-f876-11eb-b50a-029a9903a159
43 B
327 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2ee16c9-f876-11eb-b50a-029a9903a159
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElHZtF0wHbVcvmqs2Jv22nxzCqlUjouz9FKQlTdLFbIQ%2FiwBGh7uikIwHvu%2FSqXLX8FOXboBFNK6NqK2n6dKO%2FA3lXRBSchPAfpfDaVq5CJQy3nZVWKNWu3SbnakM8Vjooq7JiqIA1gzovfyrEHXoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22bfbb24a79-FRA
content-length
43

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd2ee16c9-f876-11eb-b50a-029a9903a159
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 1033
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-91947028-1f05-4a63-b6e6-e0d644c80d00
43 B
479 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-91947028-1f05-4a63-b6e6-e0d644c80d00
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQ1bnMo8x2VresfmcW1F3mLUwdCukDZfG%2F0redIrI4KmYsAi%2B0F0KHPCkxlX%2FtNSuzDrmoC5z%2FEbOAT22fPvr4IU9P3xXx50tGdu%2BHAviuFmKNPC5AbdvlsoV0IRM6ad4pXv67%2FmuXmBYsN4n1asVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22a5fb24a79-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-91947028-1f05-4a63-b6e6-e0d644c80d00
date
Sun, 08 Aug 2021 18:31:19 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 1033
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=03623ffc-d9b5-4b9e-876d-2e0e83104146
43 B
327 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=03623ffc-d9b5-4b9e-876d-2e0e83104146
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7%2FMiW3Nr6xmS72TGUfabLh7atum2QL80%2BMbu%2B6YjzgWS1X9MeIzDjCY8YOxAx0EeD7uyUjMsano1sIVWs1SGXweRJuZZksAoLltNseJ%2B7jExUktVvHFcccTtaNRX%2FynvpGL1yIHxVGGut5mTvEn6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad2288b254a79-FRA
content-length
43

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=03623ffc-d9b5-4b9e-876d-2e0e83104146
date
Sun, 08 Aug 2021 18:31:19 GMT
content-length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 4036
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a8b3e295b268a6ea11d77c83c7ef2e40a54d7fde55fbf7b9f82d21f93704b6b6

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1155; CMID=YRAi9.JPZ.lFvO0ExscNCgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|45|230|8|13|4|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1748
Expires
Sun, 08 Aug 2021 18:31:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YRAi9.JPZ.lFvO0ExscNCgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT CMPRO=1145;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT CMRUM3=e6611022f72760&08611022f705a00&2d611022f705a0&f1611022f705a0&04611022f705a0&27611022f70b40&0d611022f705a0&c4611022f705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT CMST=YRAi92EQIvcA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 09 Aug 2021 18:31:19 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 08 Aug 2021 18:31:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YRAi9.JPZ.lFvO0ExscNCgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 18:31:19 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 18:31:19 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame F405
43 B
555 B
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YRAi+; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 5DD2
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 57B9
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=130855
expires
Tue, 10 Aug 2021 06:52:14 GMT
date
Sun, 08 Aug 2021 18:31:19 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5222
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=126934
expires
Tue, 10 Aug 2021 05:46:53 GMT
date
Sun, 08 Aug 2021 18:31:19 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 02A3
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shrinke.me/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3281756890389629715; icu=ChgIz5I0EAoYAiACKAIw9MXAiAY4AkACSAIQ9MXAiAYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 08 Aug 2021 18:31:19 GMT
Age
49666
X-Served-By
cache-lga13624-LGA, cache-fra19134-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 354034
X-Timer
S1628447479.125175,VS0,VE0
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 1068
6 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46998628&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c29458e7119b8d6fd4344551d3ad080a69a27b26ded2b58b29a9a5b2aa100189

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0A59
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shrinke.me/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3281756890389629715; icu=ChgIz5I0EAoYAiACKAIw9MXAiAY4AkACSAIQ9MXAiAYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 08 Aug 2021 18:31:19 GMT
Age
49667
X-Served-By
cache-lga13624-LGA, cache-fra19134-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 354035
X-Timer
S1628447479.249007,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3E9E
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=126934
expires
Tue, 10 Aug 2021 05:46:53 GMT
date
Sun, 08 Aug 2021 18:31:19 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 3E9E
6 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67669508&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
56bad46f2e3e2ff511cf0ee9038719796534de5debf039a06b7d96c09f3cf226

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:18 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 6B0D
0
0

dcm
s.amazon-adsystem.com/ Frame 6B0D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9yYjaXCpc-n9DWiqQwAABGEAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9yYjaXCpc-n9DWiqQwAABGEAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9yYjaXCpc-n9DWiqQwAABGEAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BXJM4114HX0NTVJ03MZB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CPKT8JKXAH9EPV0FXK7F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9yYjaXCpc-n9DWiqQwAABGEAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6B0D
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YRAi9yYjaXCpc.n9DWiqQwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6B0D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi9yYjaXCpc.n9DWiqQwAA
0
0

indexexchange
sync.adotmob.com/cookie/ Frame 6B0D
0
0

match
c1.adform.net/serving/cookie/ Frame 6B0D
0
330 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 6B0D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4196423437988044198
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4196423437988044198
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 Aug 2021 18:31:20 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4196423437988044198
pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
noop
px.owneriq.net/ Frame 6B0D
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6817338821947082077&uid=Q6817338821947082077&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B
Image
General
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 18:31:23 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 08 Aug 2021 18:31:23 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 6B0D
43 B
327 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YRAi9yYjaXCpc-n9DWiqQwAABGEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEvhqJZkbvleg0Xk8asIZ%2BjjPqmSGBORW8nCjabrj%2FiSLToTyonZuc8ljwkBdSrKeUuhRGrPExyqGJKK3UntRYfD8tEvsAx3auzeRupi2waXCbyYqNWT0gZnr9Bkz2%2BqrYMBy%2FR1t0Nu5kquql4dEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad229be164a79-FRA
content-length
43
pixel
cm.g.doubleclick.net/ Frame 43A8
0
0

casale
match.adsrvr.org/track/cmf/ Frame 43A8
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YRAi91c2Lu1RHZyctKlebgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 43A8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi91c2Lu1RHZyctKlebgAABIcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi91c2Lu1RHZyctKlebgAABIcAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi91c2Lu1RHZyctKlebgAABIcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
15M35TWGRZNYQ2WQHQZC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Z901ZMA6HYQR6EWF5K2S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi91c2Lu1RHZyctKlebgAABIcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 43A8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi91c2Lu1RHZyctKlebgAA
0
0

match
c1.adform.net/serving/cookie/ Frame 43A8
0
331 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 43A8
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 Aug 2021 18:31:22 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 08 Aug 2021 18:31:22 GMT
server
nginx/1.20.0
content-length
76
cm
p.rfihub.com/ Frame 43A8
0
0

us.php
gu.dyntrk.com/adx/ie/ Frame 43A8
0
0

setuid
sync.quantumdex.io/ Frame 43A8
43 B
323 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YRAi91c2Lu1RHZyctKlebgAABIcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ep6EnojgWbl1I9dukeNQIfUo0WpeX9EmydNA28QFvVJN%2BrWvcrxsFLaypbTOLJwxp8AAmFTW6cCjuf2H2qiSU8pxYjr6ABLqGbqzMp6CsYIYq590bflDooe0iKnSO%2FFDycGrvvyNbxd8b3GgHvn4Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad229feb24a79-FRA
content-length
43
dcm
s.amazon-adsystem.com/ Frame 4036
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9-JPZ-lFvO0ExscNCgAABHkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9-JPZ-lFvO0ExscNCgAABHkAAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9-JPZ-lFvO0ExscNCgAABHkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DNY3Q61TCPKKGQBG0RQW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NGWFVFC7T7QZFQK8E27K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9-JPZ-lFvO0ExscNCgAABHkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4036
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YRAi9.JPZ.lFvO0ExscNCgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4036
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi9.JPZ.lFvO0ExscNCgAA
0
0

pixel
cm.g.doubleclick.net/ Frame 4036
0
0

crum
dsum-sec.casalemedia.com/ Frame 4036
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=6ef1b574-632a-4fce-8d3f-2f7717c095b3&expiration=1659983479
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=6ef1b574-632a-4fce-8d3f-2f7717c095b3&expiration=1659983479
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 Aug 2021 18:31:21 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=6ef1b574-632a-4fce-8d3f-2f7717c095b3&expiration=1659983479
date
Sun, 08 Aug 2021 18:31:19 GMT
server
Kestrel
content-length
0
indexexchange
sync.adotmob.com/cookie/ Frame 4036
0
0

rum
dsum-sec.casalemedia.com/ Frame 4036
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4196423437988044198
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4196423437988044198
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 Aug 2021 18:31:20 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4196423437988044198
pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
us.php
gu.dyntrk.com/adx/ie/ Frame 4036
0
0

setuid
sync.quantumdex.io/ Frame 4036
43 B
329 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YRAi9-JPZ-lFvO0ExscNCgAABHkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzVrLSIARpKoOPn74v6C9KzUhgpdVQj%2BlJHyLoDUkZssLIuED7n%2Fuw04fNDs35swgCfg6JQUf8pcLWxJRWshq4bce8Xz%2FdPlBSlzQP%2BEH6%2BC2Hy4Nl1z7iDJe2hvAEJ%2FeIsqnYsCWgmtmYw2TX63SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22a3f564a79-FRA
content-length
43
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6A45
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://shrinke.me/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 08 Aug 2021 18:31:19 GMT
Age
49667
X-Served-By
cache-lga13624-LGA, cache-fra19134-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 354036
X-Timer
S1628447479.427746,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame F896
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shrinke.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shrinke.me/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=126934
expires
Tue, 10 Aug 2021 05:46:53 GMT
date
Sun, 08 Aug 2021 18:31:19 GMT
vary
Accept-Encoding
match
c1.adform.net/serving/cookie/ Frame A0E3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=63CA18AD-0F6B-4893-BF22-EA604C9356CA
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=63CA18AD-0F6B-4893-BF22-EA604C9356CA
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=63CA18AD-0F6B-4893-BF22-EA604C9356CA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=63CA18AD-0F6B-4893-BF22-EA604C9356CA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:19 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=8930509151542698473; expires=Thu, 07 Oct 2021 18:31:19 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 08 Aug 2021 18:31:19 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=63CA18AD-0F6B-4893-BF22-EA604C9356CA
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Wed, 08 Sep 2021 18:31:19 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
pubmatic
d5p.de17a.com/getuid/ Frame 4AF5
0
0

usersync.aspx
dis.criteo.com/dis/ Frame B59A
43 B
360 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 08 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1366
x-powered-by
ASP.NET
date
Sun, 08 Aug 2021 18:31:26 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 6F0F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678468515981
42 B
211 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678468515981
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678468515981
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_409=22966-u6iQbfpYVKKCGBuhpPmKXR13; PugT=1628447482; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:22 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6994128678468515981; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:22 GMT; path=/ PugT=1628447482; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:22 GMT; path=/
x-lat
lhrpug002:0:489
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 08 Aug 2021 18:31:22 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6994128678468515981; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678468515981
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 8AC7
0
0

/
csync.loopme.me/ Frame 4D61
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 4A43
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=167222816
  • https://sync.1rx.io/usersync/tradedesk/a8655d80-5dee-47a1-bcf8-db387e33ebd9
  • https://sync.targeting.unrulymedia.com/csync/RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
42 B
268 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
chkChromeAb67Sec=1; KADUSERCOOKIE=01BFD3DE-507D-4754-A404-8DAC5D63B913; DPSync3=1628467200%3A174%7C1629590400%3A201_197_219; SyncRTB3=1629590400%3A220_71_161_3_230_55_56_54_8_81_166_204_231_13_22_99_88_234_176_21_7_165_189%7C1628985600%3A223_2_15_67%7C1629244800%3A63%7C1629676800%3A35%7C1630972800%3A203; PugT=1628447479; PUBMDCID=3; KRTBCOOKIE_22=14911-4196423437988044198; KRTBCOOKIE_377=6810-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&22918-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&23031-a8655d80-5dee-47a1-bcf8-db387e33ebd9; KRTBCOOKIE_391=22924-8710181708270382054&KRTB&23263-8710181708270382054; KRTBCOOKIE_57=22776-8491476304433887455; KRTBCOOKIE_153=19420-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3&KRTB&22979-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3; SPugT=1628447479
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:20 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003&KRTB&17107-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:20 GMT; path=/ PugT=1628447480; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:20 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:20 GMT; path=/
x-lat
lhrpug001:0:587
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sun, 08 Aug 2021 18:31:20 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003%22%7D; path=/; expires=Mon, 08 Aug 2022 18:31:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
etag
RX36ccc8b0c4994f0081f16f5ece1e7761003
dpe
ad4m.at/ad/ Frame 960A
42 B
974 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67bad22aba4e05d0-FRA
Pug
image2.pubmatic.com/AdServer/ Frame FF23
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
42 B
216 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=01BFD3DE-507D-4754-A404-8DAC5D63B913; PUBMDCID=3; KRTBCOOKIE_22=14911-4196423437988044198; KRTBCOOKIE_377=6810-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&22918-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&23031-a8655d80-5dee-47a1-bcf8-db387e33ebd9; KRTBCOOKIE_391=22924-8710181708270382054&KRTB&23263-8710181708270382054; KRTBCOOKIE_57=22776-8491476304433887455; KRTBCOOKIE_153=19420-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3&KRTB&22979-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_594=17105-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003&KRTB&17107-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003; KRTBCOOKIE_218=22978-YRAi_AADdDLlNgAC&KRTB&23194-YRAi_AADdDLlNgAC&KRTB&23209-YRAi_AADdDLlNgAC&KRTB&23244-YRAi_AADdDLlNgAC; KRTBCOOKIE_466=16530-9dd34a5f-4746-45cb-b4b1-3655fe7286c0; SPugT=1628447481; KRTBCOOKIE_1074=22956-e_e0658e5a-b1fd-48c8-8780-a4574a6385a8; SyncRTB3=1629244800%3A63%7C1629590400%3A78_71_56_231_234_5_55_176_166_13_222_161_230_220_57_81_22_99_165_189_104_233_3_204_21_7_54_8_88%7C1633564800%3A69%7C1628985600%3A2_67_223_15%7C1630972800%3A203%7C1629676800%3A35; KRTBCOOKIE_107=1471-uid:KzNK0IGo1McNzY5; PugT=1628447482; chkChromeAb67Sec=3; DPSync3=1630972800%3A232%7C1628467200%3A174%7C1629590400%3A235_219_227_221_226_201_197
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:22 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-u6iQbfpYVKKCGBuhpPmKXR13; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:22 GMT; path=/ PugT=1628447482; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:22 GMT; path=/
x-lat
lhrpug015:0:513
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sun, 08 Aug 2021 18:31:22 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=u6iQbfpYVKKCGBuhpPmKXR13; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame AF79
0
0

rtset
bh.contextweb.com/bh/ Frame E4EC
0
0

i.match
s.tribalfusion.com/z/ Frame C64F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
415 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=axnoeUsKBRwFmDqS86hPJGEEjlMTBDRS1D1P65nc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=asnseFxZduB7RApTrruFhALNi7NppPKb5ZcNMSWUjHOtSQQJPSXnRrpX7PF08FZcseeWUIJUB2NFC5RfGjdcbrN; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 18:31:19 GMT; SameSite=None; Secure; ANON_ID_old=asnseFxZduB7RApTrruFhALNi7NppPKb5ZcNMSWUjHOtSQQJPSXnRrpX7PF08FZcseeWUIJUB2NFC5RfGjdcbrN; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 18:31:19 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67bad22bfa981f31-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sun, 08 Aug 2021 18:31:19 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
163
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=axnoeUsKBRwFmDqS86hPJGEEjlMTBDRS1D1P65nc; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 18:31:19 GMT; SameSite=None; Secure; ANON_ID_old=axnoeUsKBRwFmDqS86hPJGEEjlMTBDRS1D1P65nc; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 18:31:19 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67bad22ad84f1f31-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame 6278
0
0

pixel
cm.g.doubleclick.net/ Frame 1068
0
0

img
sync.mathtag.com/sync/ Frame 1068
0
0

/
pixel.onaudience.com/ Frame 1068
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=63CA18AD-0F6B-4893-BF22-EA604C9356CA
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4b9611500611db8e5926802ca8d0eaa8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=a8655d80-5dee-47a1-bcf8-db387e33ebd9&icm
35 B
247 B
Image
General
Full URL
https://pixel.onaudience.com/?partner=147&mapped=a8655d80-5dee-47a1-bcf8-db387e33ebd9&icm
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.83.225 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5000442.ip-51-79-83.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.onaudience.com/?partner=147&mapped=a8655d80-5dee-47a1-bcf8-db387e33ebd9&icm
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
pixel
cm.g.doubleclick.net/ Frame 1068
0
0

pixel
cm.g.doubleclick.net/ Frame 1068
0
0

pubmatic
um.simpli.fi/ Frame 1068
43 B
607 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 07 Aug 2021 18:31:22 GMT
img
sync.mathtag.com/sync/ Frame 1068
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7040537458721788283
42 B
234 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7040537458721788283
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:406
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7040537458721788283
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=48dd49d3-a60d-4bde-833f-723023182db8
42 B
604 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=48dd49d3-a60d-4bde-833f-723023182db8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:308
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=48dd49d3-a60d-4bde-833f-723023182db8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8653682403972662184&gdpr=0&gdpr_consent=
42 B
210 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8653682403972662184&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
51f36356-01be-4c0f-bb7a-8a457fe4cb19
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8653682403972662184&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
63CA18AD-0F6B-4893-BF22-EA604C9356CA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1068
43 B
924 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/63CA18AD-0F6B-4893-BF22-EA604C9356CA?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=63CA18AD-0F6B-4893-BF22-EA604C9356CA&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ajJbwt9E2uUkwYXe8J_XXHEFHohnHcU-~A&gdpr=0&gdpr_consent=
0
375 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ajJbwt9E2uUkwYXe8J_XXHEFHohnHcU-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Sun, 08 Aug 2021 18:31:19 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Sun, 08 Aug 2021 18:31:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ajJbwt9E2uUkwYXe8J_XXHEFHohnHcU-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=2cdf7d76-52a5-4a48-ab09-a6251b67a760&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9dd34a5f-4746-45cb-b4b1-3655fe7286c0&gdpr=&gdpr_consent=&gdpr_pd=
1 B
70 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9dd34a5f-4746-45cb-b4b1-3655fe7286c0&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:518
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9dd34a5f-4746-45cb-b4b1-3655fe7286c0&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3
42 B
274 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:585
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4196423437988044198&gdpr=0&gdpr_consent=&us_privacy=
1 B
264 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4196423437988044198&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:466
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4196423437988044198&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 1068
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
85 B
165 B
Image
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YRAi_AADnJ_FPgA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:20 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1328
x-served-by
cache-fra19180-FRA
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1628447480.231509,VS0,VE0
content-length
85
x-cache-hits
3767

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:20 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1628447480.086497,VS0,VE92
x-served-by
cache-fra19180-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YRAi_AADnJ_FPgA4
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1068
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=63CA18AD-0F6B-4893-BF22-EA604C9356CA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:20 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dd1050ec-6d39-429e-a556-e57140a2ff1e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dd1050ec-6d39-429e-a556-e57140a2ff1e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:20 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:511
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dd1050ec-6d39-429e-a556-e57140a2ff1e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 08 Aug 2021 18:31:20 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
136 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:20 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:667
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8491476304433887455
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8491476304433887455
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:365
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:21 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5b94e12d-b613-4591-a9b3-a6dd40c3c610
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8491476304433887455
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1068
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7ad3598b-863f-40b4-bcbc-bfb70fa28f2c
42 B
353 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7ad3598b-863f-40b4-bcbc-bfb70fa28f2c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:457
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7ad3598b-863f-40b4-bcbc-bfb70fa28f2c
date
Sun, 08 Aug 2021 18:31:21 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
img
sync.mathtag.com/sync/ Frame 3E9E
0
0

match
c1.adform.net/serving/cookie/ Frame E318
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=01BFD3DE-507D-4754-A404-8DAC5D63B913
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=01BFD3DE-507D-4754-A404-8DAC5D63B913
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=01BFD3DE-507D-4754-A404-8DAC5D63B913
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=01BFD3DE-507D-4754-A404-8DAC5D63B913
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:19 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=225879585586250556; expires=Thu, 07 Oct 2021 18:31:19 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 08 Aug 2021 18:31:19 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=01BFD3DE-507D-4754-A404-8DAC5D63B913
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Wed, 08 Sep 2021 18:31:19 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 3E9E
0
0

pubmatic
um.simpli.fi/ Frame 3E9E
43 B
609 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 07 Aug 2021 18:31:22 GMT
pubmatic
d5p.de17a.com/getuid/ Frame C93E
0
0

img
sync.mathtag.com/sync/ Frame 3E9E
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8710181708270382054
42 B
233 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8710181708270382054
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:424
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8710181708270382054
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8655d80-5dee-47a1-bcf8-db387e33ebd9
42 B
294 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8655d80-5dee-47a1-bcf8-db387e33ebd9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:533
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8655d80-5dee-47a1-bcf8-db387e33ebd9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
usersync.aspx
dis.criteo.com/dis/ Frame 88EC
43 B
360 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 08 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1179
x-powered-by
ASP.NET
date
Sun, 08 Aug 2021 18:31:26 GMT
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8491476304433887455&gdpr=0&gdpr_consent=
42 B
210 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8491476304433887455&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:507
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:19 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bdf551de-209c-4994-9d50-750b7d2b3022
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8491476304433887455&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=2cdf7d76-52a5-4a48-ab09-a6251b67a760&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9dd34a5f-4746-45cb-b4b1-3655fe7286c0&gdpr=&gdpr_consent=&gdpr_pd=
1 B
336 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9dd34a5f-4746-45cb-b4b1-3655fe7286c0&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:421
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9dd34a5f-4746-45cb-b4b1-3655fe7286c0&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eyIvZH8heGNgJHwxLiMzN3UkLWNgcC1neSV_AQQZ
42 B
274 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eyIvZH8heGNgJHwxLiMzN3UkLWNgcC1neSV_AQQZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:2713
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eyIvZH8heGNgJHwxLiMzN3UkLWNgcC1neSV_AQQZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4196423437988044198&gdpr=0&gdpr_consent=&us_privacy=
1 B
244 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4196423437988044198&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:510
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4196423437988044198&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 7B0C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678470547597
42 B
367 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678470547597
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678470547597
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_409=22966-u6iQbfpYVKKCGBuhpPmKXR13; PugT=1628447482; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:23 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6994128678470547597; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:23 GMT; path=/ PugT=1628447483; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:23 GMT; path=/
x-lat
lhrpug002:0:326
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 08 Aug 2021 18:31:22 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6994128678470547597; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994128678470547597
Pug
simage2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRAi_AADdDLlNgAC&gdpr=0&gdpr_consent=&_test=YRAi_AADdDLlNgAC
1 B
236 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRAi_AADdDLlNgAC&gdpr=0&gdpr_consent=&_test=YRAi_AADdDLlNgAC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:20 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:275
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1628447480.231630,VS0,VE0
x-served-by
cache-fra19180-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRAi_AADdDLlNgAC&gdpr=0&gdpr_consent=&_test=YRAi_AADdDLlNgAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 7A43
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:adf287fa-4484-4c23-933d-62d0c0ff52c0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
186 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:adf287fa-4484-4c23-933d-62d0c0ff52c0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:20 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:460
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:adf287fa-4484-4c23-933d-62d0c0ff52c0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 08 Aug 2021 18:31:20 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
282 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:20 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:456
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:20 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
csync.loopme.me/ Frame 21B3
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame CBDD
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7951264459
  • https://sync.1rx.io/usersync/tradedesk/a8655d80-5dee-47a1-bcf8-db387e33ebd9
  • https://sync.targeting.unrulymedia.com/csync/RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
42 B
113 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
chkChromeAb67Sec=1; KADUSERCOOKIE=01BFD3DE-507D-4754-A404-8DAC5D63B913; DPSync3=1628467200%3A174%7C1629590400%3A201_197_219; SyncRTB3=1629590400%3A220_71_161_3_230_55_56_54_8_81_166_204_231_13_22_99_88_234_176_21_7_165_189%7C1628985600%3A223_2_15_67%7C1629244800%3A63%7C1629676800%3A35%7C1630972800%3A203; PugT=1628447479; PUBMDCID=3; KRTBCOOKIE_22=14911-4196423437988044198; KRTBCOOKIE_377=6810-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&22918-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&23031-a8655d80-5dee-47a1-bcf8-db387e33ebd9; KRTBCOOKIE_391=22924-8710181708270382054&KRTB&23263-8710181708270382054; KRTBCOOKIE_57=22776-8491476304433887455; KRTBCOOKIE_153=19420-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3&KRTB&22979-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3; SPugT=1628447479
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:20 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003&KRTB&17107-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:20 GMT; path=/ PugT=1628447480; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:20 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:20 GMT; path=/
x-lat
lhrpug008:0:2373
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sun, 08 Aug 2021 18:31:20 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003%22%7D; path=/; expires=Mon, 08 Aug 2022 18:31:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003
etag
RX36ccc8b0c4994f0081f16f5ece1e7761003
dpe
ad4m.at/ad/ Frame DEFB
42 B
117 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c072 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67bad22ada9505d0-FRA
Pug
image2.pubmatic.com/AdServer/ Frame 5ADF
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
42 B
112 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=01BFD3DE-507D-4754-A404-8DAC5D63B913; PUBMDCID=3; KRTBCOOKIE_22=14911-4196423437988044198; KRTBCOOKIE_377=6810-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&22918-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&23031-a8655d80-5dee-47a1-bcf8-db387e33ebd9; KRTBCOOKIE_391=22924-8710181708270382054&KRTB&23263-8710181708270382054; KRTBCOOKIE_57=22776-8491476304433887455; KRTBCOOKIE_153=19420-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3&KRTB&22979-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_594=17105-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003&KRTB&17107-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003; KRTBCOOKIE_218=22978-YRAi_AADdDLlNgAC&KRTB&23194-YRAi_AADdDLlNgAC&KRTB&23209-YRAi_AADdDLlNgAC&KRTB&23244-YRAi_AADdDLlNgAC; KRTBCOOKIE_466=16530-9dd34a5f-4746-45cb-b4b1-3655fe7286c0; SPugT=1628447481; KRTBCOOKIE_1074=22956-e_e0658e5a-b1fd-48c8-8780-a4574a6385a8; SyncRTB3=1629244800%3A63%7C1629590400%3A78_71_56_231_234_5_55_176_166_13_222_161_230_220_57_81_22_99_165_189_104_233_3_204_21_7_54_8_88%7C1633564800%3A69%7C1628985600%3A2_67_223_15%7C1630972800%3A203%7C1629676800%3A35; KRTBCOOKIE_107=1471-uid:KzNK0IGo1McNzY5; PugT=1628447482; chkChromeAb67Sec=3; DPSync3=1630972800%3A232%7C1628467200%3A174%7C1629590400%3A235_219_227_221_226_201_197
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:22 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-u6iQbfpYVKKCGBuhpPmKXR13; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:22 GMT; path=/ PugT=1628447482; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:22 GMT; path=/
x-lat
lhrpug016:0:627
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sun, 08 Aug 2021 18:31:22 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=u6iQbfpYVKKCGBuhpPmKXR13; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=u6iQbfpYVKKCGBuhpPmKXR13
strict-transport-security
max-age=0; includeSubDomains;
Pug
simage2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8491476304433887455
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8491476304433887455
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:424
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:21 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1da66e10-27c0-4e11-8726-14923dbeaaf8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8491476304433887455
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bridge
cm.adgrx.com/ Frame 9123
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e0658e5a-b1fd-48c8-8780-a4574a6385a8
42 B
224 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e0658e5a-b1fd-48c8-8780-a4574a6385a8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:411
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e0658e5a-b1fd-48c8-8780-a4574a6385a8
date
Sun, 08 Aug 2021 18:31:21 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
rtset
bh.contextweb.com/bh/ Frame D195
0
0

i.match
s.tribalfusion.com/z/ Frame EC54
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
395 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=axnoeUsKBRwFmDqS86hPJGEEjlMTBDRS1D1P65nc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aKnseFxNeThBeZdwQMhEv2vU434xw6JC3HBSUZdfkrpwVSroTCjYWppl7nYAdV8mdL9ZbFZdZbaMgdySE7dYnG3T9; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 18:31:19 GMT; SameSite=None; Secure; ANON_ID_old=aKnseFxNeThBeZdwQMhEv2vU434xw6JC3HBSUZdfkrpwVSroTCjYWppl7nYAdV8mdL9ZbFZdZbaMgdySE7dYnG3T9; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 18:31:19 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67bad22bfa9b1f31-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sun, 08 Aug 2021 18:31:19 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
14
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aHnoeUolXVMQuWxdKZcf9bhkHQdUGIXXqdC1P6e9E; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 18:31:19 GMT; SameSite=None; Secure; ANON_ID_old=aHnoeUolXVMQuWxdKZcf9bhkHQdUGIXXqdC1P6e9E; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 18:31:19 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67bad22ad8511f31-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame BFAF
0
0

pixel
cm.g.doubleclick.net/ Frame 3E9E
0
0

pixel
cm.g.doubleclick.net/ Frame 3E9E
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=01BFD3DE-507D-4754-A404-8DAC5D63B913
  • https://spl.zeotap.com/?zdid=1332&zcluid=f0cb28f865cbe6df
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8a0b3360-d163-437c-46d5-6cbcf7c957f0&reqId=b3e9a737-e4b6-481c-76dd-588fc6caea7d&zclui...
0
0

pixel
cm.g.doubleclick.net/ Frame 3E9E
0
0

01BFD3DE-507D-4754-A404-8DAC5D63B913
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3E9E
43 B
192 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/01BFD3DE-507D-4754-A404-8DAC5D63B913?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 3E9E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=01BFD3DE-507D-4754-A404-8DAC5D63B913&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ajJbwt9E2uUkwYXe8J_XXHEFHohnHcU-~A&gdpr=0&gdpr_consent=
0
163 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ajJbwt9E2uUkwYXe8J_XXHEFHohnHcU-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Sun, 08 Aug 2021 18:31:21 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Sun, 08 Aug 2021 18:31:21 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ajJbwt9E2uUkwYXe8J_XXHEFHohnHcU-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 3E9E
0
103 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 030C
0
0

pixel
cm.g.doubleclick.net/ Frame 030C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi9zs2GGAs4DfmQDdXlAAA
0
0

casale
match.adsrvr.org/track/cmf/ Frame 030C
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YRAi9zs2GGAs4DfmQDdXlAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 030C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9zs2GGAs4DfmQDdXlAAABHMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9zs2GGAs4DfmQDdXlAAABHMAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9zs2GGAs4DfmQDdXlAAABHMAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TA34BCTZVVY7DY65V5R4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BNBJSEM4RFMA11YB68FY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRAi9zs2GGAs4DfmQDdXlAAABHMAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d986614f-06c7-46dc-9b6b-befb5fcd3ab7
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d986614f-06c7-46dc-9b6b-befb5fcd3ab7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 Aug 2021 18:31:21 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d986614f-06c7-46dc-9b6b-befb5fcd3ab7
date
Sun, 08 Aug 2021 18:31:19 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 Aug 2021 18:31:22 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 08 Aug 2021 18:31:22 GMT
server
nginx/1.20.0
content-length
76
noop
px.owneriq.net/ Frame 030C
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6817338821262908260&uid=Q6817338821262908260&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B
Image
General
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 18:31:23 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 08 Aug 2021 18:31:23 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=xunTxcLqhMLd74bGkujPxcK6hM3d4NuWlbkZ-1hN
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=xunTxcLqhMLd74bGkujPxcK6hM3d4NuWlbkZ-1hN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 18:31:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 Aug 2021 18:31:21 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=xunTxcLqhMLd74bGkujPxcK6hM3d4NuWlbkZ-1hN
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
setuid
sync.quantumdex.io/ Frame 030C
43 B
333 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YRAi9zs2GGAs4DfmQDdXlAAABHMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJqN7n7ZAmr4%2BzN%2BRq7HX5UwKjJY9rj9XHT5fADz%2F0m1vqdvKx4Ih3sOnDe3QwOO%2BMkN0%2F6GKdnoucN6zG5ocIja4B0fObCDblKZ%2FWPzkxTEoaxvRQal1EZ%2FzZtJ8S6kTqLcZBjWDnLPek8xLB4pkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
67bad22ae90b4a79-FRA
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 1068
0
48 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155495&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 3E9E
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155495&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 5222
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76069202&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6531981a74ff5d433b9d6488a71e505517f9883d8ead99e4a3d70d847a0d4d4c

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2044
content-type
text/html; charset=UTF-8
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame A285
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f424c8e2-db41-4685-8ad6-4e1d7801b42f-tuct809a87a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f424c8e2-db41-4685-8ad6-4e1d7801b42f-tuct809a87a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f424c8e2-db41-4685-8ad6-4e1d7801b42f-tuct809a87a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=f424c8e2-db41-4685-8ad6-4e1d7801b42f-tuct809a87a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sun, 08 Aug 2021 18:31:24 GMT
via
1.1 varnish
x-served-by
cache-fra19160-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1628447485.595241,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=f424c8e2-db41-4685-8ad6-4e1d7801b42f-tuct809a87a;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 08-Aug-2022 18:31:22 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f424c8e2-db41-4685-8ad6-4e1d7801b42f-tuct809a87a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sun, 08 Aug 2021 18:31:22 GMT
via
1.1 varnish
x-served-by
cache-fra19176-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1628447482.190865,VS0,VE8
x-vcl-time-ms
8
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 4180
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
164 B
Document
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1628447482368; TapAd_DID=df47ad1c-af2a-472b-b28e-9bf40cb5b4d3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 08 Aug 2021 18:31:22 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
via
1.1 google
alt-svc
clear

Redirect headers

date
Sun, 08 Aug 2021 18:31:22 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1628447482368;Expires=Thu, 07 Oct 2021 18:31:22 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=df47ad1c-af2a-472b-b28e-9bf40cb5b4d3;Expires=Thu, 07 Oct 2021 18:31:22 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
via
1.1 google
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame 1715
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KzNK0IGo1McNzY5&gdpr=0&gdpr_consent=
42 B
290 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KzNK0IGo1McNzY5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KzNK0IGo1McNzY5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=01BFD3DE-507D-4754-A404-8DAC5D63B913; PUBMDCID=3; KRTBCOOKIE_22=14911-4196423437988044198; KRTBCOOKIE_377=6810-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&22918-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&23031-a8655d80-5dee-47a1-bcf8-db387e33ebd9; KRTBCOOKIE_391=22924-8710181708270382054&KRTB&23263-8710181708270382054; KRTBCOOKIE_57=22776-8491476304433887455; KRTBCOOKIE_153=19420-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3&KRTB&22979-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_594=17105-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003&KRTB&17107-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003; KRTBCOOKIE_218=22978-YRAi_AADdDLlNgAC&KRTB&23194-YRAi_AADdDLlNgAC&KRTB&23209-YRAi_AADdDLlNgAC&KRTB&23244-YRAi_AADdDLlNgAC; KRTBCOOKIE_466=16530-9dd34a5f-4746-45cb-b4b1-3655fe7286c0; PugT=1628447481; SPugT=1628447481; KRTBCOOKIE_1074=22956-e_e0658e5a-b1fd-48c8-8780-a4574a6385a8; chkChromeAb67Sec=2; DPSync3=1628467200%3A174%7C1629590400%3A201_197_219_221_226_227%7C1630972800%3A232; SyncRTB3=1629244800%3A63%7C1629590400%3A78_71_56_231_234_5_55_176_166_13_222_161_230_220_57_81_22_99_165_189_104_233_3_204_21_7_54_8_88%7C1633564800%3A69%7C1628985600%3A2_67_223_15%7C1630972800%3A203%7C1629676800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:22 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:KzNK0IGo1McNzY5; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:22 GMT; path=/ PugT=1628447482; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:22 GMT; path=/
x-lat
lhrpug006:0:628
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sun, 08 Aug 2021 18:31:21 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KzNK0IGo1McNzY5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=KzNK0IGo1McNzY5; Domain=.w55c.net; Expires=Thu, 08-Sep-2022 18:31:22 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Tue, 07-Sep-2021 18:31:22 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=604800; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 0CA0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kCR0lK-bQDJ-UuyFMk0Ga8JjaWM
42 B
375 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kCR0lK-bQDJ-UuyFMk0Ga8JjaWM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kCR0lK-bQDJ-UuyFMk0Ga8JjaWM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_409=22966-u6iQbfpYVKKCGBuhpPmKXR13; PUBMDCID=3; KRTBCOOKIE_1101=23040-6994128678470547597; PugT=1628447483; KRTBCOOKIE_279=22890-d57e36bc-f876-11eb-a814-c5abe834d1d7&KRTB&23011-d57e36bc-f876-11eb-a814-c5abe834d1d7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:25 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-kCR0lK-bQDJ-UuyFMk0Ga8JjaWM; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:25 GMT; path=/ PugT=1628447485; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 18:31:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:25 GMT; path=/
x-lat
lhrpug001:0:537
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Sun, 08 Aug 2021 18:31:25 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kCR0lK-bQDJ-UuyFMk0Ga8JjaWM
Set-Cookie
sa-user-id=s%3A0-90247494-af9b-4032-7e52-ec85324d066b.mAn%2FBVc8oc2%2FYAqwGlNrGj%2BZ8TtxiZT97zNVj1zAJo0; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-90247494-af9b-4032-7e52-ec85324d066b%24ip%24194.99.105.99.noePCQzv1Qj2xnOTgueUO68dA8Xc3qi0EmHn25aDlXE; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
usersync
match.bnmla.com/ Frame 56A5
0
112 B
Document
General
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 08 Aug 2021 18:31:22 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 60C6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:719E485E1E1C4D90A49B2BF98F48253B
1 B
88 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:719E485E1E1C4D90A49B2BF98F48253B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:719E485E1E1C4D90A49B2BF98F48253B
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=01BFD3DE-507D-4754-A404-8DAC5D63B913; PUBMDCID=3; KRTBCOOKIE_22=14911-4196423437988044198; KRTBCOOKIE_377=6810-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&22918-a8655d80-5dee-47a1-bcf8-db387e33ebd9&KRTB&23031-a8655d80-5dee-47a1-bcf8-db387e33ebd9; KRTBCOOKIE_391=22924-8710181708270382054&KRTB&23263-8710181708270382054; KRTBCOOKIE_57=22776-8491476304433887455; KRTBCOOKIE_153=19420-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3&KRTB&22979-fiRvQHonOEdlIjpDKiVzQHp3OEhlLWcTLXQlvkG3; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_594=17105-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003&KRTB&17107-RX-36ccc8b0-c499-4f00-81f1-6f5ece1e7761-003; KRTBCOOKIE_218=22978-YRAi_AADdDLlNgAC&KRTB&23194-YRAi_AADdDLlNgAC&KRTB&23209-YRAi_AADdDLlNgAC&KRTB&23244-YRAi_AADdDLlNgAC; KRTBCOOKIE_466=16530-9dd34a5f-4746-45cb-b4b1-3655fe7286c0; PugT=1628447481; SPugT=1628447481; KRTBCOOKIE_1074=22956-e_e0658e5a-b1fd-48c8-8780-a4574a6385a8; chkChromeAb67Sec=2; DPSync3=1628467200%3A174%7C1629590400%3A201_197_219_221_226_227%7C1630972800%3A232; SyncRTB3=1629244800%3A63%7C1629590400%3A78_71_56_231_234_5_55_176_166_13_222_161_230_220_57_81_22_99_165_189_104_233_3_204_21_7_54_8_88%7C1633564800%3A69%7C1628985600%3A2_67_223_15%7C1630972800%3A203%7C1629676800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 18:31:22 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 18:31:22 GMT; path=/
x-lat
lhrpug006:0:377
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Sun, 08 Aug 2021 18:31:22 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:719E485E1E1C4D90A49B2BF98F48253B
set-cookie
suid=719E485E1E1C4D90A49B2BF98F48253B; Path=/; domain=simpli.fi; Expires=Tue, 09-Aug-22 18:31:22 GMT; SameSite=none; Secure; suid_legacy=719E485E1E1C4D90A49B2BF98F48253B; Path=/; domain=simpli.fi; Expires=Tue, 09-Aug-22 18:31:22 GMT; Secure;
expires
Sat, 07 Aug 2021 18:31:22 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Artemis
aud.pubmatic.com/AdServer/ Frame 5222
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=01BFD3DE-507D-4754-A404-8DAC5D63B913&addseg=21
7 B
87 B
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=01BFD3DE-507D-4754-A404-8DAC5D63B913&addseg=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:26 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Sun, 08 Aug 2021 18:31:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=01BFD3DE-507D-4754-A404-8DAC5D63B913&addseg=21
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
info2
uipglob.semasio.net/pubmatic/1/ Frame 5222
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=01BFD3DE-507D-4754-A404-8DAC5D63B913&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=01BFD3DE-507D-4754-A404-8DAC5D63B913&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=01BFD3DE-507D-4754-A404-8DAC5D63B913&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:21 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 18:31:21 GMT
frontend-id
12
location
/pubmatic/1/info2?sType=sync&sExtCookieId=01BFD3DE-507D-4754-A404-8DAC5D63B913&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5222
95 B
187 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=01BFD3DE-507D-4754-A404-8DAC5D63B913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:22 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
67bad23bbcdc325c-FRA
access-control-allow-headers
*
content-length
95
/
loadm.exelator.com/load/ Frame 5222
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sun, 08 Aug 2021 18:31:23 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=01BFD3DE-507D-4754-A404-8DAC5D63B913&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5222
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d57e36bc-f876-11eb-a814-c5abe834d1d7&gdpr=0&gdpr_consent=
1 B
217 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d57e36bc-f876-11eb-a814-c5abe834d1d7&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:23 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:454
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d57e36bc-f876-11eb-a814-c5abe834d1d7&gdpr=0&gdpr_consent=
Date
Sun, 08 Aug 2021 18:31:23 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
d57e36bd-f876-11eb-a814-c5abe834d1d7
PugMaster
image6.pubmatic.com/AdServer/ Frame F896
182 B
416 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5988624&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
81c3c2d2fc9e8a31af85de2bbf387456ef2394489e54ca5953ccbce81bdab9a4

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 18:31:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame F896
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=01BFD3DE-507D-4754-A404-8DAC5D63B913
  • https://a.audrte.com/p
68 B
942 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.192.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-192-53.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 18:31:25 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 08 Aug 2021 18:31:25 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRAi9yYjaXCpc-n9DWiqQwAABGEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi9yYjaXCpc.n9DWiqQwAA
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRAi91c2Lu1RHZyctKlebgAABIcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi91c2Lu1RHZyctKlebgAA
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi9.JPZ.lFvO0ExscNCgAA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRAi9-JPZ-lFvO0ExscNCgAABHkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Y8oYrQ9rSJO_IupgTJNWyg%3D%3D
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjNDQTE4QUQtMEY2Qi00ODkzLUJGMjItRUE2MDRDOTM1NkNB&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ab_T3lB9R1SkBI2sXWO5Ew%3D%3D
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8a0b3360-d163-437c-46d5-6cbcf7c957f0&reqId=b3e9a737-e4b6-481c-76dd-588fc6caea7d&zcluid=f0cb28f865cbe6df&zdid=1332
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDFCRkQzREUtNTA3RC00NzU0LUE0MDQtOERBQzVENjNCOTEz&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRAi9zs2GGAs4DfmQDdXlAAABHMAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRAi9zs2GGAs4DfmQDdXlAAA

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| s function| j8MM function| M1gg function| q8MM string| F3UU object| e object| __cfQR function| generateCb number| adtrue_time number| adtrue_cb object| adtrue_rtb object| adtrue_tags function| q9tt function| J911 function| n3hh function| P9tt function| c2ss function| gtag object| dataLayer object| google_tag_manager function| $ function| jQuery object| addDictionary function| getRandomNumber function| showInPopup function| showInNewTab function| showBlog object| vitag object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| q object| qs string| js_code string| k object| app_vars object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword number| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object undefined| selectedTab undefined| clipboard function| setTooltip function| cookie_accept function| WOW function| ClipboardJS boolean| __cfRLUnblockHandlers object| _VLIOBJ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_973681 object| regeneratorRuntime string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS boolean| __VLICMP object| observeElementInViewport object| $sf function| vlPlayer object| googletag object| ggeac object| google_js_reporting_queue function| __tcfapiui function| vlipbChunk object| vlipb object| _pbjsGlobals string| nobidVersion object| nobid object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| Criteo function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing boolean| _mgPageViewEndPoint629011 string| _mgPvid boolean| _mgPageViewEndPoint630298 boolean| _mgPageView629011 boolean| _mgPageView630298 object| criteo_pubtag object| criteo_pubtag_prebid_105 object| Criteo_prebid_105 boolean| _mgPageImp629011 boolean| _mgPageImp630298

3 Cookies

Domain/Path Name / Value
shrinke.me/ Name: AppSession
Value: 218d3f92ce9391439799bd5fa6f193a0
shrinke.me/ Name: csrfToken
Value: 9494f47dc76c42c4e797ef5720f5967c4b5fc2c9d80f8abd83df5353dc500f417ef058ab2a238302acea84993cea2c9d66a8a74e1bd72d9c8da0c4da81fec7a6
shrinke.me/ Name: lang
Value: en_US

5 Console Messages

Source Level URL
Text
console-api error URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://tag.vlitag.com/v1/1628227860/b696d0f5c06dbd9fd83feb568718537b.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api debug URL: https://jsc.adskeeper.com/s/h/shrinke.me.992723.es6.js(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994621.es6.js(Line 1)
Message:
[object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
assets.vlitag.com
aud.pubmatic.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c.adskeeper.co.uk
c.adskeeper.com
c1.adform.net
cdn-adtrue.com
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.jsdelivr.net
cm.adgrx.com
cm.adskeeper.co.uk
cm.adskeeper.com
cm.g.doubleclick.net
cm.steepto.com
coccusadmanlob.com
code.jquery.com
csync.loopme.me
d.adroll.com
d1r90st78epsag.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
exchange.adtrue.com
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs-simple.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
jsc.adskeeper.co.uk
jsc.adskeeper.com
leaderhistliness.info
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
ms.quantumdex.io
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
praiserevision.com
prebid-eu.creativecdn.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.owneriq.net
px.vliplatform.com
rtb.gumgum.com
s-img.adskeeper.co.uk
s-img.adskeeper.com
s.amazon-adsystem.com
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.adskeeper.co.uk
servicer.adskeeper.com
services.vlitag.com
shrinke.me
shrinkme.io
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.vlitag.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tag.vlitag.com
trc.taboola.com
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
bh.contextweb.com
cm.adgrx.com
cm.g.doubleclick.net
csync.loopme.me
d5p.de17a.com
gu.dyntrk.com
match.deepintent.com
match.prod.bidr.io
p.rfihub.com
sync.adotmob.com
sync.mathtag.com
104.111.242.53
104.18.16.65
104.19.130.80
104.19.134.80
104.19.138.80
13.224.89.194
13.248.242.197
147.75.38.124
151.101.13.108
151.101.13.44
151.101.14.49
169.50.137.190
172.255.6.123
178.162.133.149
178.250.0.165
178.250.2.146
178.250.2.151
178.62.202.251
18.156.0.31
18.184.122.71
18.198.142.61
18.207.58.102
18.210.180.232
18.210.5.212
185.184.8.65
185.33.221.15
185.33.221.89
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
192.243.59.20
2.18.233.180
2.18.234.21
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
209.54.176.128
213.19.147.44
216.58.212.162
2606:4700:10::6816:1957
2606:4700:10::6816:3081
2606:4700:20::681a:24e
2606:4700:20::681a:eee
2606:4700:20::681a:fee
2606:4700:21::681b:cf5c
2606:4700:3037::ac43:8784
2606:4700:3038::6815:ead6
2606:4700:3039::6815:c072
2606:4700::6812:c05
2606:4700:e0::ac40:6c1a
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c09::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:13::1400
2a04:4e42:3::300
2a04:4e42:3::485
3.123.143.157
3.220.196.160
34.206.192.53
34.253.133.188
34.98.107.212
35.201.96.126
35.227.248.159
37.157.6.247
37.252.172.38
38.27.122.126
44.236.192.77
46.249.52.248
46.249.52.249
51.79.83.225
51.89.9.254
52.17.151.21
52.18.12.237
52.204.62.148
52.48.175.241
54.237.125.12
54.36.109.48
54.78.254.47
63.251.86.49
66.155.71.149
77.243.60.138
85.114.159.93
87.98.228.78
04ffe5c9b1463ff5bb3f71a7917df53362d15f9b46e725a022d8d27acaa4712d
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ae722c1d6d8739650cd30b2e26503eb570e9e2d452adfae72a3839ea11435e1
0b5cf6934f9f632cff3aeca60e21d4b38c28a74570df484abeaf0b643784283c
0b67db62e7dee9a7348578cca072ea6ce8add417bea88d6c4886c4187dbdc6bd
12a0241564451caa4b0a2500a7bcaa051fa8cd696faed6093a59eefa9e9a0885
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
15fa31d911abfe3d008c72c0297d8b80057085bee4b22ceb12322c225d43dc9d
1659c86f19c8ee53a722aa7bc4146c0d2ac148bd724729a194976d6f334e2100
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e7c8a0e88450288feb2432665b99b1c2229e5a82f2baf311f765ded1727c3ce
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
237f4094e8739b150532f80c6da8fae693dd09ce6f6aef9bd925e1f11631f374
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab53c20e7edb761a57f6969dc83a7c0cbeea6982f70a552426d48da024e74eb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2ba87f8a5c970ab84e696c450fa11c7d6bc63f71434d5d73341bbae42de021b7
2ef1208b61e774ff154c60d7247934475417ebc72b7b058b26e55b2d2e716fce
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5
316c5f71e9bd86f30b3461e812e5cee1e390739aec64a4861ba57e3af8e1eb05
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
33b07e1ff8a32fa4a06447bade27ac0d6cf1d5a1a8f72b29ecd0bea5c0d3b610
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ce288c7515b31536e66d76bba32b7dc54eef765d3a31be56b2a13842b1335b
3821636287fec5ab888c8fdf4d6e8e3d082232396db375cc89591dcc6c8e8946
3aa0052761d94972744b2257a728eb6cdba64424d842024356e173569e15ec20
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da1b408f08e1cf2b8bcb4c41e4448b017bce75f8780382769013b204a86e330
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4012e9491f341f35778b5a6ef11d3e3f2110ccdb8023dd9c28129ba6c5417d84
428f71e1b03adf42ada780217e07a5ebbad73a5c7843502197e3eece8764adbb
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
45236e14992678b48c797ad5749979ae33226e5fb36c0aacf84ec6d0c411710d
47059f27d3b042ffc3ac44b10d8b46ebd23f445e90560873c9921f4cb5271d39
475b0de0219ba035ec1e12ac99b4d36cd26b8f67620659952e01e865714729bd
483f51595595548a0a790f04097c3785cb6ebbd0c82f7fb1aff68b2de8df299e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498fd27eb6dc4514f79d6a0e0f8ac0a2743600d36313d087a0af349b9c918c1b
4b316377f099e055f34a2e4248ce81bece4014455ca5217131380368e2eed8ad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
52a3c7a4fc58308b6f9a82e68ed560b1af864632a5aadf5945241666e14caeeb
535f5eb3394afee9ebf7cdfea28a5201b44d7fa5a97d5162fe0f6ef0af47a984
53cb721f81c14dd827b5484b2c4d34c30cbf459cafd4b758a1950a7e7ae099ee
5598861b0146b51bd9489756ea6cfdba65c835bc9e03ce712207be4861a37f98
56bad46f2e3e2ff511cf0ee9038719796534de5debf039a06b7d96c09f3cf226
5a001b05857ca4ca102dee16f85674406f5d919230e9ae18e3298206f8eafb25
5b3424842e91177880f0cd341e3f9a980de96fadb3ec7dd11cda32d848505fd5
5c0c27a6374a3e00135c48696af6bb25a95a4c10c5bc1197602514eda85c4e3a
5c261f01db1fdbdfe12196cb95c00ab127d6ced4443b411e0c04ca7dd7d4a121
5ee2480b24d7af408eb406b75e9489bceeab8e6970a9a9a5aa18171e9ce6f1f8
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6263f35dcb57865abc7bb83ca17b3bf6b561f7866e26136b27c9d8e4267a8991
6310adf8de1b0d94b88c56d7c1c3abdfec70d3ff25cff0586166c5900f88929d
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
6531981a74ff5d433b9d6488a71e505517f9883d8ead99e4a3d70d847a0d4d4c
66e374af96685fd9dc9066e44283c2305f75dee48ed224107cbeee0d67f80351
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
69cb8af6bcbd3ef6bf3ec3d81ec444a6f92975840bb6c1f83fbd5097f80dd516
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae8e1cf6149523af13027512ef8d0bf64dfe48eea30001f8945f4957abd693a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f25e6ddd41a6aa77b01957fbc25460159fa5bc55bad125d817199ee89b0b13e
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7d79e1b59a9a15564fbbc9a4623f09a4d8feee7863aafa547512444ccf667a2f
7f26fda8be8cb722766cf71884315d5d0d418e59a3352f0345d01c57e4013ec0
81165dae62222a3a2709a9ee6d0748ef8c4a8a09bdcee718ca86064ba51d4410
81c3c2d2fc9e8a31af85de2bbf387456ef2394489e54ca5953ccbce81bdab9a4
820940626c8b0ea4d61278c472b9f3f4b02358cbba4c85c0bb22c1d14584b806
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
92ec0c680b6bdf95e1cf04bf76decdbcb73a5d32a9450c8d8b22564431c3d8b4
963f954f0dba1a92bbbd2ab59fbbd8888af7ebf48ed74ef8360e2143e216157d
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a59fb2a7973a35a90513d02f19ec11d8e33411b846cc2c4f6e12a9c59979ddb
9d5519e03823d536305db622f3e0a6ab75c8b5be63edf9cd23c85cd0e0bbcfe1
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a39d60f737b78b6739ec48800c96f53f8d61cbc93afeb2d5dfb79376285197c3
a4b9b76db23ad77edc470ca026350b0d44b4d83ba125349ab76621afba25b267
a4e27f50833426396eb08bc48ff5764459b781835ebbc7f8dedd07f3fc9be17e
a8b3e295b268a6ea11d77c83c7ef2e40a54d7fde55fbf7b9f82d21f93704b6b6
a9973711e67afea223f23b0d14a5f279d05be219f23e4d2cfa65e0ef53a79fdf
a9d5e562f67ce6a69e1f874a2e8ca3efbca2f58d89a0cab3d3e7d45e571cdf41
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e9aa48de80b70c095203781b4d8744615b14e9047f341cf335f9e7d4924d45
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b
b468609a3058aeac4dcd21581d0d8ce84ee810878a513735ed4a1676fd3b77fc
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bc93ec4acda15bc8ea75b646b93c19a1061183082be11f2694af5e34a2797b4e
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd11e180d6fff0d5d32ca7d137fd14fb10a79c4423dc976537eb07e50dea7409
c183b97bb99d7df202a275214dc4d87fc96082c9093a8b63be2f6d8639500b25
c1b65da7e1759e98a2f61c7c52b78089e03473fbfa1fe85e8891e3255cbbf9f5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29458e7119b8d6fd4344551d3ad080a69a27b26ded2b58b29a9a5b2aa100189
c95fe4316df13289039fb5ff162800ea01055e14832775f4e46389ee44d14fdc
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d819fa7c289ca0b9d6215060c65c2c22b21ee1b4d29adf29af5204749179fce1
dbb78cc73a4c46bb097bec37721eed5e280d51669892e3e45714f5716c2cd86e
dbdd2ee2a6245e818664984007dd3ca9eb31dff1d18b626efe873639a4e9ea55
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e201e80d49154a772a7281eb5cd1666297444c5c7166812648b07c8a9d598477
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6225b96f2dc4888c1e2d9612b17dfa5ad0d58f1d7e46fc9a08dcbd69638b55c
e9fa1458cee601bf31e0fd98cfbd5aed2135a7be7d92e09e8a4bb11a6daf705a
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ed6812a9b0a0d9bc15794d380ecf3dc0083b76fadb2f6ebb15b40538ea358ffc
eedffa273959ec9754da455f002c450db193ad1469011e6b5e6d28df56ce20ab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bc6be6ac3b442e6bc21a373a90f03b91c2a397b10f59d6005e1e7581bd0757
f6f6ad8a89b1a15114bf6fd5b10d8aab8a613d73126b2cf7e8caa534f4db0a95
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
f9fb02852dda1e5714cdaed5afa720c8b3a12e5ac59744bb303ce601c280dd23
fcf2c324c7e0df2afc5c8f89d9885a0ac4084b6b148f7ec1e9644a922be8d0af
ffe01baa3dc60c1d909f76ef6d6568e8c57436ac9f7239e73b26ddfccf578be6